Is Open Source Software like WordPress Secure?
Mostly. But before we begin to discuss the security of Open Source Software (OSS), let’s try and get a good understanding of what Open Source Software actually is. According to Wikipedia, Open Source Software is defined as…
computer software with its source code made available with a license in which the copyright holder provides the rights to study, change, and distribute the software to anyone and for any purpose. Source
Here’s a video that does a great job of breaking down how Open Source Software works. Watch it and meet me after the fold…
The reason why many people argue that OSS is insecure is because the code is freely available to anyone who wants it. Obviously, not every person in this world has good intentions. Bad guys will sprinkle bad code in with good code in order take advantage of the unsuspecting victim. The thing is: this is an inevitable scenario regardless of the openness of the code; ALL code can be hacked. The advantage of OSS is that because there are so many people with a variety of skills all looking at the code simultaneously, finding this bad code is much more expedited. Furthermore, because of it’s open nature, OSS is much more efficient because it can be fixed and re-released much faster than proprietary software.
WordPress is an example of OSS. As reflected in the definition provided earlier, everyone is free to study, change and distribute WordPress whenever and however they want. Additionally, all plugins used in WordPress are also Open Source. Some are free, some are not free, but the code for all of them is open.
The real downside to OSS like WordPress and all its plugins is seen in the form of support and longevity. If the person writing the code decides to stop for any reason, the plugin is no longer supported. Someone else is free to pick up where the previous author left off, but that doesn’t always happen. Fortunately, that’s what we’re here for. We keep up with the plugins used to power the sites we build and if they become unsupported, we’ll find an alternative so you don’t have to.
To summarize, Open Source Software is as secure as the community supporting it. Just ensure that the OSS that you’re using is backed by a committed community. Lucky for our clients, WordPress is backed by a community that spans across the globe! Millions of people use WordPress and many more websites rely on it to serve information to their viewers.
Here’s another resource that will further explain open source software.
About the Author
My professional experience with the web reaches back more than 8 years. During this time, I've been developing sites for individuals and businesses, working on a team of digital experience analysts as well as providing qualitative and quantitative research surrounding web and mobile technology.Jonathan