Hi,

I didnt know where to post, so I posted here and in the Programming Forum. Hope this isnt a problem?!

I want to use MOveable Type for a blog. THe host that I am considering using says that MT may be a hackable script. Is this true. Should I be worried about someone hacking the server if I us MT.

ANy help you can offer would be appreciated.

**************************************************
Here was my question:

I was considering using Moveable Type as a CMS for a web site. Are you able to host this? Also, maybe PHP-Nuke? Just thought it would be easier to have one of this systems rather than hard-coding all of the time.

Here was his answer:
**************************************************
Yes, you can use those script but if you do, it is critical that you always keep them up to date with the authors latest versions. Why? Because these are very popular hackable scripts and kids hack or crack them to gain unauthorized access to your hosting account and our server.

You are responsible for its configuration and installation as we do not give technical support on any scripts you install on our servers.

If you follow these guidelines, you'll be fine. Always keep an eye on your script author's websites for their latest news and security patches. Signup for their newsletter if they offer it.
***********************************************

Basically the host is saying that MT is popular. I use it myself on my personal site. The more popular something is the more people are going to try and break it.

Its safe but as with all things keep an eye on the site and if there is a mailing list for product accountsments subscribe to it

Just my $0.02

Rus

PHPNuke is commonly hacked, this I've seen first hand.

MoveableType I've never seen hacked but, that doesn't mean it doesn't happen.

Overall its just a good idea to keep your scripts updated. Like Rus said, signup for the accountsments errr.. I mean announcements. :D

MT has had several well known holes that allow hackers to gain access.

Nuke gets cracked all the time.

Your host is correct it is important that you keep updated versions on your site.

MT has had several well known holes that allow hackers to gain access.


Darn, I'm wrong yet again.. I've got to get better at this.. :D

I personally have a lot of sripts that are used ot hack PHP Nuke's. Even a C++ program that is run from the shell and can sincerely screw up stuff.

EVERYTHING IS HACKABLE.

And dont let anyone tell you any different. Nothing is unhackable. They said DeCSS couldnt be hacked. It was. They said that windows NT was unhackable when it came out. Many a sysadmin has learned otherwise. They said unix was unhackable. It too has exploits.

Thank you all for your feedback...

cheers

Originally posted by kkimmel
EVERYTHING IS HACKABLE.

And dont let anyone tell you any different. Nothing is unhackable. They said DeCSS couldnt be hacked. It was. They said that windows NT was unhackable when it came out. Many a sysadmin has learned otherwise. They said unix was unhackable. It too has exploits.

Truer words were never spoken.

But some things get going in the hackers circles and become easy targets.

If one man can write it, another man can hack it, that simple.

And the more people that use, its more likely it is going to get hacked. Look at windows for example, thats probably why people go looking for exploits. This must be the reason why macs are barely hacked... ;) :p :D

PHP-Nuke has tons of exploits, but look how many sites and nuke users there are.

Regardless of what system you use, keep it updated or you are going to regret it. ;)