Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Hacking Issues


Go to End


2 Posts   2000 Views

Avatar
Eco

Community Member, 15 Posts

15 March 2010 at 10:16am

I currently have a client's website on Wordpress, but I have had major issues with the site being hacked several times in the last 2 weeks, despite adding many security measures. I am thinking of changing to SilverStripe. Are there any known problems with hackers on SilverStripe websites? What kind of support could I get if the site was hacked again while using SilverStripe? Is it possible that since the hacker has already been able to access my client's site, they will continue to attack that domain regardless of what CMS I use? My client needs some reassurance - any information I could pass on to him would be most welcome.

Avatar
Willr

Forum Moderator, 5523 Posts

15 March 2010 at 12:08pm

Well I don't think any system would want to claim it is 100% secure but we do have semi regular security audits of the core and any security issues which are found and emailed to security@silverstripe.org are normally handled with the upmost urgency and any fixes are released ASAP.

You can follow the security releases on http://groups.google.com/group/silverstripe-announce.

But as with any system a whole bunch of ways an attacker can get in. Even through weak passwords and / or insecure project code.

We also have a page dedicated to secure development which any SS developer should read http://doc.silverstripe.org/doku.php?id=secure-development