I currently have a client's website on Wordpress, but I have had major issues with the site being hacked several times in the last 2 weeks, despite adding many security measures. I am thinking of changing to SilverStripe. Are there any known problems with hackers on SilverStripe websites? What kind of support could I get if the site was hacked again while using SilverStripe? Is it possible that since the hacker has already been able to access my client's site, they will continue to attack that domain regardless of what CMS I use? My client needs some reassurance - any information I could pass on to him would be most welcome.
We've moved the forum!
Please use forum.silverstripe.org for any new questions
(announcement).
The forum archive will stick around, but will be read only.
You can also use our Slack channel
or StackOverflow to ask for help.
Check out our community overview for more options to contribute.
Well I don't think any system would want to claim it is 100% secure but we do have semi regular security audits of the core and any security issues which are found and emailed to security@silverstripe.org are normally handled with the upmost urgency and any fixes are released ASAP.
You can follow the security releases on http://groups.google.com/group/silverstripe-announce.
But as with any system a whole bunch of ways an attacker can get in. Even through weak passwords and / or insecure project code.
We also have a page dedicated to secure development which any SS developer should read http://doc.silverstripe.org/doku.php?id=secure-development