Move to WordPress from XOOPS ?

Anyone please ?

Normally I’d say ‘don’t bump, if no one answered, obviously no one knows’ but at 2 months… A lot of this you could google and find out, by the way.

DoS – Nothing I know of. That’s server side stuff, not webapp stuff, at the end of the day

Bad Crawlers – Bad Behavior can help there.

SQL Injection, XSS (not all though), System globals pollution – Built in to WP.

Session hi-jacking – I want to say that’s built in, but also use HTTPS. It helps.

Null-bytes – Not sure what you mean here…

Directory Traversal – NO idea what that means in this case.

Some kind of CSRF (fatal in XOOPS <= 2.0.9.2)

Brute Force – There are brute force plugisn. Use Google.

Camouflaged Image File Uploading (== IE Content-Type XSS), Executable File Uploading Attack – Image uploads are restricted to specific file types.

XMLRPC’s eval() and SQL Injection Attacks – Built In

SPAMs for comment, trackback etc. – Akismet.

Hi Ipstenu, thanks for your reply, very informative. We don’t allow new registrations, or comments on the site, so in some ways, it is ‘protected’. Possibly a https login would be better than what I use now.

The server I use ‘catches’ instances of where people try to pass a url/uri from another site, or when people try to pass code in the url, etc. It returns a 406 or a 404 most times, and they get a ‘message’.

I guess when everything is installed, take a backup of the site, and use one of the plugins to see if anything has ‘changed’.

Thanks,

pete

Yeah, generally speaking I say that server security is NOT the job of my web app, but of me, a big stick, and the beefy dudes I hired to protect my server ??

If you’re relying on WP (or ANY web-app) to be the totality of your site protection, you’re a brave, brave man.

If you’re relying on WP (or ANY web-app) to be the totality of your site protection, you’re a brave, brave man.

Yes, that’s for sure. The bottom line is server security, which comes to do how well ‘bedded down’ the server admin person/s can make it. The good thing about XOOPS Protector, though, was that ‘everything’ (every request) went through the Protector module, so whatever modules were added (like WP plugins), they all passed through Protector first.

Well, everything went okay, importing all the XOOPS data into WP. There were a few hiccups of course, but now sorted out, and the security side of things is as bedded down as I can make it at present, but I may do some extras later.

In regards to the XOOPS modules ..

* Headlines – I will look into various plugins soon, no rush there.
* Links – I see there is a simple menu structure within the widgets, that may suffice for now.
* Sitemap – Have installed the plugin google-sitemap-generator. I don’t like the idea of a plugin ‘automatically’ writing to a file on my site, so just ran it once and disabled it. Only to be updated manually from now on.
* Contact Us – I’m sure there will be some plugins to do that.

I installed plugin WP-Optimize, to remove the garbage from the posts table, and used wordpress-importer to load the data from XOOPS.

All in all, I’m happy with WP, it loads much faster than XOOPS, and isn’t so ‘cluttered’.

Sitemap’s can be done to virtual files (I think https://www.ads-software.com/extend/plugins/wordpress-seo/ does that)

Contact us, there are LOADS of plugins ?? I use Grunion.

Thanks, I will have a look at WordPress seo plugin. ??

Hi guys, what about gConverter? My friend has asked them and they’ve converted his XOOPS CMS to WordPress CMS and even XOOPS Forum to Simple:Press forum plugin for WordPress, so he has got nice WordPress site with Simple:Press forum.

chris0m – if you want to pay the money, then do it that way. But it usually wouldn’t be needed, for a ‘content only’ XOOPS site. However, if you have forums or many other XOOPS modules, then the ‘move’ to WP is more complicated, and therefore may require to employ the services of a company like gConveter.