Monday 13 June 2016

Dangerous design flaw in wordpress

Wordpress insists on storing fully qualified URLs all over the place. Especially in the database. This means that if you restore a backup of a wordpress installation onto another machine (a test/dev machine for example), you can unexpectedly end up being switched to the live site at any moment.

Add to this the fact that as previously complained about, the whole thing is stored in the database, so you are logging into a dev machine with the same user account as live, and the potential for catastrophe is huge.

No comments:

Post a Comment