As you may notice that vnsecurity.net server has been taken offline since the beginning of last week for the server upgrade. Our new server has a much better HW specs compare to the old one.
We’ve also replaced the great Plone/ZODB/Python with the buggy WordPress/Mysql/PHP for our website. I myself really like the Zope Workflow and Zope Object Database with the great fine-grained access control but many members doesn’t like Plone and it’s a bit slow especially on a few years old HW with only 1GB RAM (there were 03 Plone’s instances running for vnsec, vnsecon and vithon.org websites which used all of the 1GB memory).
I don’t trust PHP & PHP Apps. WordPress/PHP, with a massive number of security bugs in the past, makes me feel unsafe :). Secunia has a good list of WordPress 2.x vulnerabilities and 07 bugs are still unpatched.
But on the other side, WP has some really nice plugins and themes which save my time. It’s like replacing the great & responsible old lady babysitter to a new sexy but “dangerous” young college girl. I hope that some additional protection layers and access restriction to the backend would help to save my a$$ from WP’s bugs.