How to secure your CMS without patching


In as little as four hours, the bad guys can reverse engineer a software patch for an open-source content management system (CMS) and build an exploit capable of turning millions of websites into spammers, malware hosts or DDoS attackers. 

“There’s just not enough time for normal site owners to apply the updates,” said David Jardin, a member of the German association CMS Garden, which promotes the use of open source CMS software including Drupal, Joomla, WordPress and others.

To help ordinary users patch more quickly, CMS Garden is participating in a government-funded project, Secure Websites and Content Management Systems (Siwecos), to make the websites of SMEs more secure. 

Siwecos is a three-pronged effort, Jardin said.

Leave a Reply

Your email address will not be published. Required fields are marked *