Happy New Year from WordPress
Today I received this ‘Happy New Year’ message from Matt Mullenweg, creator of WordPress:
First off, happy holidays. :) …
My last message to you this year is an important but unfortunate one: we’ve fixed a pretty critical vulnerability in WordPress’ core HTML sanitation library, and because this library is used lots of places it’s important that everyone update as soon as possible.
I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for. In the spirit of the holidays, consider helping your friends as well.
Webvanta is Inherently More Secure
We frequently are asked about whether Webvanta is vulnerable to the same sorts of security issues that plague WordPress sites. The answer is NO.
We would never be so foolish as to claim that Webvanta cannot be hacked, but we can say this:
- It has not been hacked yet.
- Because Webvanta is built with Ruby on Rails and imposes an abstraction layer between all front-end code and server’s file syatem and database, it is inherently more secure than systems built with PHP, which allow any file to run back-end code.
- Whenever updates are needed, that’s something we do for you automatically, not something you need to do.
- If there ever is a hack, it is our problem, not yours, to correct it and restore everything from backups.
We believe that security issues are one of the factors that will lead to a dramatic rise in the use of hosted content management systems in the coming years.
So Happy New Year to all the designers who switched to Webvanta in 2010. You won’t need to spend your holidays updating software installations.