Hacker News new | past | comments | ask | show | jobs | submit login

I'm surprised there's no mention of the vulnerabilities in Wordpress or its plugins. I've had nothing but virus infestations on nearly every Wordpress install I've set up. I'm sure the problem lies more with the random plugins, but Wordpress itself sure makes it easy to find and install plugins with no kind of security audit.

Not sure how this is a problem with Wordpress. I'm sure a critical analysis of, say, the Firefox and Chrome plugins sites would turn up some quantity of malware as well.

The trick is to not download random plugins; stick to things with lots of reviews and lots of downloads. Installing some security plugins will help (WebsiteDefender, both the plugin and the service, is a good example), as will putting your site behind a protective CDN like CloudFlare (and since they're free, there's really no good reason not to do this..)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact