[Pmwiki-users] Easily Hackable?

Patrick R. Michaud pmichaud
Thu Apr 1 11:08:20 CST 2004


On Wed, Mar 31, 2004 at 02:20:03PM -0800, KC Patrick wrote:
> 
>    I  had  a non-profit client reject my proposal for implementing a wiki
>    because  they  heard wikis are "hackable" and are concerned because an
>    affiliate had porn and other stuff put onto their site.

Well, if one goes strictly by what was meant by the term "wiki" -- i.e.,
anyone can edit-- then yes, wikis are hackable.  But almost all wikis today
have facilities to limit the amount of editing and hacking that can take
place.

>    So, besides "the usual lecture" about security (in the documentation),
>    what  are the experiences of more learn-ed PmWiki-ers here on security
>    issues  and what should I communicate to future clients about security
>    and PmWiki?

In over two years of running wikis, those wikis that I've run that are
password protected (over a dozen of them) have never been hacked.  A standard
wiki with no password protection is hackable.  A wiki that is password
protected is no more nor less secure than a web site created via other
means.  Indeed, in some ways the wiki has better security because it's
easy to detect and recover when the passwords have been compromised and the
pages have been hacked.

Pm




More information about the pmwiki-users mailing list