So after having many wordpress and pivotx blogs hacked lately I will be switching to simple php websites - only using include command. Would they be secure against hacking?
Just having secure scripts does now make your website hack proof, it also depends on how the server is configured on which the website is hosted
But attacks on servers occur when someone targets it specifically it's it? It's much more complicated/time consuming. Usually hackers (or should I say "kids" with too much time on their hands) just use some kind of "hacking toolkit" that targets new-found vulnerabilities in popular scripts. That's why I want to switch to simple php - it should be 99% more secure than wordpress...?
You are right Avezoom, This would make your site a lot more secure if the code is written well(read about remote file inclusion), it wont make your site hackproof though. There is a few ways you can make wordpress more secure: Make sure your DB and you Directory have default wordpress stuff changed, for example if you keep your login at wp-admin then bots/scripts know where to look and if they try blind SQL injection and your database is not default it wont work. Don't have unused plugins installed. ALWAYS UPDATE EVEYTHING
it should be 99% more secure than wordpress...? Honestly, Wordpress as a CORE (not with plugins) is most secured thing created by humans in php. Issues can be on server! Its like 1 rotten tomato spoils the basket. If you want an 'secured' blog site: 1. Buy a VPS from famous companies like GoDaddy, et cetera. 2. Install WordPress and install theme from trusted source. 3. Keep your kernel up-to-date. Always update apache and kernel. Do a cronjob and save database and files in regular intervals and remember to take regular back up. This way, even if ur ass gets kicked, you can still stand still
If you're buying a server like a VPS or something with root control make sure you have a firewall installed or it won't matter how secure your PHP coding is.
Even HTML web sites are hacked, so when you will use out dated/ un reliable scripts, bad coding or give write permissions to files/folders, any web site can be hacked.
Any website is vulnerable to hacking attacks. There are various hacking types. You can never 100% secure your website. But you can minimize. Thats all you can do...