Comment Re: wait, what? (Score 1) 89
Wordpress provides a large amount of hardening functions like this
...which are completely freaking worthless if they're turned off by default. 99.9% of users will never visit and study every available config option, and the other
Your post is like those who insist that MySQL has safe data settings for those who know how to enable them, while ignoring the fact that almost everyone uses the configuration as shipped. Unsafe by default is an insane and undefensible way to distribute software. In fact, I can't think of a good justification for ever allowing the unsafe values to be set.