top | item 41653267

(no title)

> I'm pretty sure WP Engine could patch Wordpress to use its own infrastructure, so this isn't a really as much of a security risk as people claim.

Patching core WordPress is straightforward, but there's also tens of the thousands of plugins and themes on WordPress.org. Until WP Engine can create a mirror of the plugin and theme repos, there will be security risks.

discuss

porker|1 year ago

Mirroring is not difficult, I've done it in order to perform code analysis on plugins at scale.

martpie|1 year ago

Well, it definitely becomes harder when you cannot (officially) access any of the WP infra, including themes and plugins.