I was wondering about that

An IT security newsletter I get at work led me to a story on SC Magazine. It’s since been edited to correct some of the problems with it.

In its original form, the headline suggested that wordpress.com, the hosted service run by Automattic was suffering from a security problem, and the article ended with a suggestion that this was the second problem the service had had recently.

However, most of the article referred to an alleged problem with the self-hosted software provided by wordpress.org, which is used by many sites including this one. Now as I subscribe to various WordPress related mailing lists, I generally get to hear about actual WordPress issues before they hit the news sites, so I was intrigued enough to wonder what they were talking about to post a comment.

It appears that the actual problem was that whoever runs shared hosting at Network Solutions has been doing it wrong. Somehow, they managed to set the security so that a customer could access other customers’ files, which is generally regarded as a Bad Thing.

Nice to see that the article has been updated to make it clearer that the problem was with the hosting company rather thn WordPress, but I would have hoped that SC Magazine, which in the Ancient Times when it was print-only, used to be rather good, might do a wee bit of fact checking before posting an incoherent and inaccurate story.

Matt has something to say about it on the WordPress Blog.