Quite a statement, but then you haven't given a single valid argument to explain why.
I wasn't sure I needed to guide you as well as inform you through the reply.
So you're saying WordPress is more secure because it's constantly being hacked? If you say so.
I am actually saying that, or do you prefer exploits to be their but left uncovered?
So you're saying WordPress is secure ... if you spend a load of time locking it down.
Once again you choose to understand things in a unified manner. Hint: My comment was includes you're other platforms too! E.g. OpenCart will be a piece of cake to hack if the web server is vulnerable. I am not sure on what level of PCI Compliance you had to fulfil previously on your projects but I would assume you didn't have to touch on all aspects of security.
Anyone who knows anything about software development will tell you there's no such thing as "unhackable" software, but it is a fact that WordPress is a target and gets hacked far more frequently than others.
I agree, there is no such thing as unhackable software, but I rather be informed if I have an exploit in my system rather than it popping in my face few years down the line.
I agree - undiscovered by developers and by hackers alike, and therefore more secure.
Back to nonsense, you do realise there are people out there who's job is to hack websites for profit and they are smart enough not to use it excessively, which means they won't be giving away their exploits until a good platform veteran finds the exploit and reports it! Therefore, any of your platforms is more likely to be sitting on a major exploit being used by a few hackers with little chance of it being discovered because of the small contributor base.
Perhaps, but that doesn't make it any less damaging when your site is hacked.
True, same thing stands true to the rest of platforms. So due diligence is needed.
This should shed some light:
I can't post links yet, so search for "IBM - Data breach statistics - United Kingdom" The infographic should confirm my allegations.
I wouldn't really call it an exploit if it's not dangerous and doesn't allow the hacker to do any damage.
True, but again what is damaging? Just monetary theft? Defaced website? What about stolen patient information from a dentist booking system? Perhaps something to consider, it all depends on the application.
So for every plugin you install you have to change it so it appears you're not using it? Sounds like a lot of expensive developer work.
Once again, you sound like you have rarely used WordPress. One plugin can hide everything for you! No developers, no custom work, one cheap plugin. I would suggest you get yourself accustomed with it before giving advice!
True. But you can use that on any site, WordPress or not.
Indeed. It is as important to WordPress as other platforms.
Back to my first point - if you want a blog, use blogging software like WordPress. If you want a CMS site, use CMS software like Concrete5. If you want a forum, use forum software like PHPBB. If you want an ecommerce site, use ecommerce software like OpenCart or Prestashop. Quite simple logic really.
Once again I disagree, because sadly as much as I would want to use one thing for everything it doesn't always fulfil my goals. Not all standalone eCommerce solutions have the options needed by certain applications. The same applies to forum software.
Things can get more messy when you would like an eCommerce platform that integrates with a forum where a single login would be used. You would endup having to create custom integrations inbetween, which is highly likely to not be as good as having many plugins which were made to connect to the same skeleton (WordPress).