[wp-trac] [WordPress Trac] #39309: Secure WordPress Against Infrastructure Attacks
WordPress Trac
noreply at wordpress.org
Fri Aug 16 10:57:49 UTC 2019
#39309: Secure WordPress Against Infrastructure Attacks
------------------------------------------+-----------------------------
Reporter: paragoninitiativeenterprises | Owner: pento
Type: task (blessed) | Status: reopened
Priority: normal | Milestone: Future Release
Component: Upgrade/Install | Version: 4.8
Severity: critical | Resolution:
Keywords: has-patch | Focuses:
------------------------------------------+-----------------------------
Comment (by paragoninitiativeenterprises):
I would strongly recommend ''against'' removing the signature verification
for core updates.
Without signatures, WordPress is one 0wned server away from turning the
entire installed base into a DDoS botnet capable of breaking the Internet
backbone. Let's not return to that state, okay?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39309#comment:98>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list