[BangPypers] [OT] language fanaticism

Baishampayan Ghose b.ghose at gmail.com
Thu Jul 14 07:01:30 CEST 2011


>> why ?  any personal bad experience or some technical reasons?
>
> many bitter experiences - security is a nightmare for php apps. Take a
> look at the number of security updates wordpress has per *month* - more
> than django has had in 6 *years*.
>
> http://wordpress-security.net/wordpress-software-security-updates/
> <<<--- do you want to live on the edge like this?
>
> Most LUG sites run php, maintained by 'experts' - they are regularly
> spammed or cracked even when the most draconian lockdown/captchas are
> implemented. Volunteers just do not have the time to spend half their
> nights applying security patches.
> <quote>
> Important note about updating Themes:
> If you have made **any** changes to your theme (tweaking things in
> style.css or changes to the template files), the changes will be
> overwritten when the theme is updated. Be ready to re-do the changes
> after updating.
> <unquote>
>
> what fun!

I don't understand how Django apps can automatically guarantee a
certain level of security while PHP applications can't. Are you trying
to indicate that each and every Django app that you've built is free
from any security hole?

IMHO if an application is insecure, it's the programmer who is to
blame and not the language/framework.

Regards,
BG

-- 
Baishampayan Ghose
b.ghose at gmail.com

