From 7b0bdf8fb91fbff140a73830150eaf0066d6c459 Mon Sep 17 00:00:00 2001 From: lapineige Date: Sun, 5 May 2019 21:13:00 +0200 Subject: [PATCH 1/2] Add a warant about wordpress risk Fix #30 --- README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.md b/README.md index 939fd62..2bdffd5 100644 --- a/README.md +++ b/README.md @@ -47,6 +47,15 @@ Supported, with LDAP and SSO. * Multisite only available on subdirectories. +**Security** + +Please be aware that Wordpress is known for being frequently a source of security risks https://en.wikipedia.org/wiki/WordPress#Vulnerabilities, and also as the most popular (source: https://en.wikipedia.org/wiki/WordPress) website management system it is a target for bots and attackers. +Some vulnerabilities might let an attacker breach into your wordpress, or even your Yunohost server (via privilege escalation). + +Don't forget to comply with good security principles (strong password, frequent updates, don't add unknow code in your theme/extensions…). In particular, *please keep your wordpress as up-to-date as possible*. + +Furthermore, you might take a look at this guide: https://codex.wordpress.org/Hardening_WordPress. You might see some benefits in the use of wordpress security plugins. + ## Links * Report a bug: https://github.com/YunoHost-Apps/wordpress_ynh/issues From b924fea9a19793f0953686463c40ca679639afff Mon Sep 17 00:00:00 2001 From: lapineige Date: Sun, 5 May 2019 21:19:17 +0200 Subject: [PATCH 2/2] fix typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2bdffd5..02d2420 100644 --- a/README.md +++ b/README.md 
@@ -49,7 +49,7 @@ Supported, with LDAP and SSO. **Security** -Please be aware that Wordpress is known for being frequently a source of security risks https://en.wikipedia.org/wiki/WordPress#Vulnerabilities, and also as the most popular (source: https://en.wikipedia.org/wiki/WordPress) website management system it is a target for bots and attackers. +Please be aware that Wordpress is known for being frequently a source of security risks (https://en.wikipedia.org/wiki/WordPress#Vulnerabilities), and also as the most popular website management system it is a target for bots and attackers. Some vulnerabilities might let an attacker breach into your wordpress, or even your Yunohost server (via privilege escalation). Don't forget to comply with good security principles (strong password, frequent updates, don't add unknow code in your theme/extensions…). In particular, *please keep your wordpress as up-to-date as possible*.
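Review bot: In the README.md hunk of patch 1/2 (@@ -47,6 +47,15 @@), the added line "don't add unknow code in your theme/extensions…" has a typo ("unknow" should be "unknown"), and the new text mixes "Wordpress", "wordpress" and "Yunohost" where the project names are WordPress and YunoHost. The section title is added as bold text (`**Security**`) while the next section in the same file uses a heading (`## Links`); making it a heading at the matching level would keep it in the README's outline. The bare URLs in the middle of sentences would also read better as Markdown links, for example on the words "Hardening WordPress".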
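Review bot: In the hunk of patch 2/2 (@@ -49,7 +49,7 @@), the replacement line drops "(source: https://en.wikipedia.org/wiki/WordPress)", so the claim that WordPress is "the most popular website management system" no longer has a reference; that is a content change, which the subject "fix typo" does not describe. Either keep a source for the claim or soften the wording, and say so in the commit message. The actual typo, "unknow code", is still present in the unchanged context line of this hunk and could be fixed in the same commit.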