At the Ref Desk (10/6/18): (Question of the Day): "For how much time can I ask you questions?" I told him we were open till nine. [more...]

Make It Hard to Update Software? Guess What: Then People Won't

Submitted by Leo Klein on Fri, 6/8/18 (2:36am)

Drupalicon Ars Technical reports on the vulnerability of 115,000 Drupal websites to 'hacker takeovers'. This even though a software patch has been available for over 10 weeks.

All I can say is, I'm not surprised. I mean, updating Drupal software is not an easy thing. There is no link or button you can click on which gets the job done. Instead, the programmers have built a command-line interface using Drush (or whatever) thus coming up with a method which only a programmer would love. For this reason, when you go through comparisons of CMS's routinely making the rounds, 'easiness of updating' for Wordpress rates as 'easy' while for Drupal, it rates as 'difficult'.

"Difficult"? Is it any wonder then that an almost predictable result is a significant time lag before updating? This is not rocket science.