Oddbean new post about | logout
0d1533db | 1 years ago (raw) | export | reply | flag +1 
 From the Siteground Security plugin for WordPress. It's no wonder RSS struggles to maintain traction. (I'm not disabling my feeds, I don't care how "insecure" it might be).

https://media.social.lol/media_attachments/files/111/148/657/494/182/265/original/c417aecf9fe4a16c.png
Haelwenn /элвэн/ :triskell: | 1 years ago (raw) | root | parent | reply | flag 
 @8714de25 Attacks via RSS/Atom? What the hell.

And the entirety of the web pretty much means that scrapping is an occasional hazard (and quite a feature when it comes to archiving).
11fb17e5 | 1 years ago (raw) | root | parent | reply | flag 
 @jbaty this seems somewhat odd and anti open net.

I am wondering about the insecurity claims. Is there anything about attacks via rss feeds? I suppose wordpress may generate it on demand, but it typically is just static content like CSS, html, images, etc. There is no interactivity from the client side.

Does anyone know if these claims are in the slightest based in reality?
7624500e | 1 years ago (raw) | root | parent | reply | flag 
 @8714de25 I complained to their support team when I noticed that the feature was listed as “recommended”.

I don’t necessarily mind it being an option, but it definitely shouldn’t be framed as a security issue or be listed as “recommended”.

I’m more than a little annoyed that they haven’t changed that.