Re: php

To: debian-user@lists.debian.org
Subject: Re: php
From: Scott Ferguson <prettyfly.productions@gmail.com>
Date: Sat, 08 Oct 2011 13:06:59 +1100
Message-id: <[🔎] 4E8FB043.4090404@gmail.com>
In-reply-to: <[🔎] 3116FBAC-AC81-44D2-A911-B53080AF2D5E@slsware.com>
References: <[🔎] 3116FBAC-AC81-44D2-A911-B53080AF2D5E@slsware.com>

On 08/10/11 04:24, Glenn English wrote:
> One of my users wants to put up a blog using WordPress. I notice
> there's a package for WordPress in aptitude, but it's in php.

WordPress uses php - regardless of where you get it from.

> 
> I don't do php on my web server because I was told of huge security
> problems in it 

Web servers have huge security problems. The internet has huge security
problems.
You've been given poor advice. Make sure you keep WordPress up-to-date.

> -- and until I turned off the php interpreter in
> Apache, I got many break in attempts involving phpAdmin and such.

Which is why you don't run the login page as default.
Over-simplification == dumbing-down - with a logical conclusion ;-p

It's like arguing the obscurity is inferior to open in regards to
security. It fallacious logic. It's *not* and either/or situation - a
mixture of both is superior to either.

Wordpress is a CMS - almost all CMSs use php (and MySQL). All software
has insecurities - not using software is *not* the solution.

Consider *not* advertising the version or type of software you're using,
don't use www.site.tld/admin as the login page, don't use "admin" as the
administrator name, don't forget to check your file permissions, do keep
your software up-to-date, do keep multiple backups *and* use md5 sums.

> 
> Do any of you know of a similar package in, say, Perl or Python? Or
> can anyone convince me that php is safe?
> 

Those are not answerable questions (the latter is a "are you still
beating your wife?" type question!).

Consider carefully what you want to do, and choose the appropriate
software for it.
EG. if you want to run a blog then WordPress is a fine choice
(provisionally), if you want to run a worm farm then Joomla is an
excellent choice (and you'll have lots of company). If you don't want to
spent the time becoming an expert in Apache etc - use hosting.

WordPress is ideal for people with limited time who want a blog (content
changes regularly). It can be "converted" into a website CMS - and a
Ferrari can be converted into a manure spreader (but it's less than ideal).

I hope that somewhat answers your questions. If not perhaps consider
rephrasing them and telling us what you want WordPress for, and in what
circumstances you wish to run it - and we'll suggest Debian solutions
for it.

Cheers

Reply to:

References:
- php
  - From: Glenn English <ghe@slsware.com>

Prev by Date: Re: `Xorg -configure' failure
Next by Date: Re: Kernel upgraded two or three times since install
Previous by thread: Re: php
Next by thread: Re: php
Index(es):
- Date
- Thread