WordPress has seen its fair share of security related releases this year, so it’s reassuring to hear a third-party whose job it is to penetrate software security praise WordPress’ core.
Netanel Rubin, a vulnerability researcher for Check Point Software recently praised the efforts of the WordPress development team in their ongoing efforts towards securing WordPress.
In contrast to these frequent findings in 3rd party plug-ins’ code, barebones WordPress issues are rare, as WordPress core developers are well-trained to hold high security awareness for all released code.
We can confirm that during our audit of the source code, we witnessed the developers ‘leaving nothing to chance’, and implementing multiple layers of security protecting most attack vectors we could think of.
WordPress developers deserve praise for their efforts to maintain such complex software in this level of security, specifically considering the presence of the notoriously trigger-happy foot-gun called PHP.
It’s comforting to know that WordPress core’s security is taken seriously and that good work is being done on an ongoing basis to maintain and enhance security in all areas.
We build our websites on top of WordPress core just like a house is built on top of a foundation. Just like a house, if the foundation is weak it doesn’t matter how much we try to strengthen the walls, ceilings and floors, the house will always be weak. Knowing that WordPress core is solid gives us confidence as we continue building and maintaining websites that utilize it.
There is much we can do to secure WordPress websites beyond WordPress core. Signing up to a maintenance plan ensures your site is always on the cutting edge of security.