[WPMU DEV Dashboard] WPMU Dashbord security issues

Hi, we have a bank client who has to have specially secured hosting. We want to use Hummingbird and Smush Pro on their site but their server admin is concerned about security of giving the WPMU Dashbord to the site. Is there something special that you tell bank clients to do to configure WPMU Dashbord securely? Please let me know if I need to ask the server admin any specific questions to make sure eveything is secure.

  • Ash
    • WordPress Hacker

    Hello there Blue Zoo

    hope you're doing good today and thanks for reaching us! :slight_smile:

    After having some feedback from our developers, I can confirm that we're using the general WP coding recommendations, as well as PHP standard practices regarding security. These are our internal code quality and security guidelines that our developers are following.
    We are also doing a fully security audit before initial release, and on major rewrite/releases. For minor releases there's a peer code review. We also use practices that prevent Javascript exploits.
    And of course, if any kind of security bug comes up, it's becoming a high priority for us!

    About connection to our server, the plugin uses curl method, so curl has to be enabled on the server.

    Hope that was some help!
    Have a nice day!

    Cheers,
    Ash

  • Tony G
    • Mr. LetsFixTheWorld

    They trust WordPress but aren't sure about WPMU DEV? Tween us, I think that could be a little backwards. I hope they are as rigorous in checking any other plugins, from independent developers, "somewhere in the world on the internet". Please let us know if you find out exactly what standards they're using to satisfy their security concerns. We have HIPAA, SOX, etc. I don't know what regulatory compliance specs apply to banks in different parts of the world.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.