[wp-hackers] Security in wordpress
wphax at nullamatix.com
Fri May 7 14:33:19 UTC 2010
On Fri, May 7, 2010 at 10:27 AM, Ash Goodman <ash at thinkinginvain.com> wrote:
> I would like to set my server up so that the FTP credentials are not
> required for wordpress and plugin updates as shown here:
> This also seems to eliminate the problem of needing to 777 the uploads
> folder in order to upload images.
> Is this safe to do or is it only going to cause other security problems
> and/or cause problems with wordpress?
-----BEGIN PGP SIGNED MESSAGE-----
No - "FTP" is inherently insecure. Consider implementing ftps or sftp
as an alternative.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the wp-hackers