Modern blogging software is so sophisticated that it's possible to add kinds of features, from elaborate commenting to complex video widgets. While that can make a site more appealing, it can also increase your level of risk. One of the most rapidly growing problem areas in security is malware which attaches itself to otherwise innocuous web pages. Security software developer Sophos estimates that one new page is infected every 4.5 seconds, and interactive sites like blogsare a major part of the problem. As Sophos' AP head of technology Paul Ducklin explained to me in a recent interview:
If you've decided you need a certain level of modern interactive style functionality web site, you should aim to achieve just what they require and no more with the absolute simplest code base you can. The more ancillary features you have lying around, the more things there are to go wrong. Try to restrict yourself to what it actually needs. Look at how you can install the 5% that you need on the grounds that the less you have lying around, the less you'll need to patch when there's an update. Let's not try and impress everybody -- let's impress people by having just as much as they need. That's an important thing you need to remember when AJAX-ifying your Web presence.
Something to think about the next time you're working on that new blog idea.