Server security compromised with an Open Source plugin
A new security issue has become evident, this time through a plugin used on the Open Source platform, potentially opening a back door to the entire server
Open Source software is a collection of code, widgets and plugins written by a multitude of different developers and published in the public domain to encourage code re-use and sharing of functionality.
This is a great approach in theory and works well until the issue of security comes up. The source code is available to other developers to build on as well as potential hackers. Having access to the source code means that it is easier for them to find system vulnerabilities in the first place.
Most Open Source websites are based on a core system with additional functionality provided by plugins and widgets. while security issues with core systems (such as WordPress and Joomla) are well known and regular security fixes are posted, this particular hack affects a plugin.
More details can be found here link to The Register.
More details on website security can be found here on the SITP website.
Hacking is much less of an issue with Licensed software, as source code is not readily available in the public domain.
If you are looking to upgrade your website and are considering going the Licensed route, please give us a call.