[Ilugc] do you need a CMS
- From: prem@xxxxxxxxxxxxxxxx (Prem Kurian Philip)
- Date: Thu Sep 10 15:10:36 2009
Take the case of Apache, for example when was the last time you had to
upgrade because of a security issue?
I see your point but Apache has been around a lot longer than WP. In
anycase, there was a vulnerability a few weeks ago:
http://lists.centos.org/pipermail/centos-announce/2009-August/016066.html
Also, I upgraded a Apache Tomcat a few weeks ago due to a vulnerability.
Consider the Centos Security Update Announce list for the past 10 days in
September.
http://lists.centos.org/pipermail/centos-announce/2009-September/thread.html
The link above will indicate why I would consider using CentOS instead of
other distros which don't get these frequent security bug fixes.
If the turn around time for publishing bug fixes from the time when a
vulnerability is listed is too high, it counts against the project. And
that is a better metric of project quality rather than the number of
listed vulnerabilities. That and, of course, the severity of the
vulnerability.
I have used Joomla, WP etc before and I have upgraded due to security
issues a number of times. But then, I have done the same with my OS,
webserver, database, browser etc. If you turn on automatic updates even on
your linux desktop, you will see how often security fixes flow in.
My point is essentially just this - between setting up a website from
ground up using custom developed code and using a popular, frequently
update CMS, my vote goes towards the second option - that is, using a
popular CMS.
Thank you,
Prem
Other related posts:
