Security of failed update/rollback

[mahnunchik]

As discussed on the previous devchat in case of failed update/rollback there are email notifications.

Idea is good: any errors related to Core, Plugin or Theme update should be reported to an email of admin as soon as possible.

But in the real world there are too few properly configured mail servers in wordpress and servers at all. Actually there is no good documentation how to set up email: https://wordpress.org/search/mail

In addition there are a lot of lazy administrators with email addresses like admin@example.com or something similar.

Thus so many really important mails about failed update/rollback will be send to /dev/null. It is security issue because website will be inconsistent state indefinite amount of time (for example login plugin not updated and not rollbacked).

1. Do you know how many wordpress installs have properly configured mails?
2. How to motivate admins to use real email addresses?
3. Maybe there is sense to prepare good documentation about mailing in wordpress?
4. Should auto-updates plugin works at all wothout properly configured emergency notifications?

[audrasjb]

Hi, thank you for sharing your thoughts,

This issue (if there is an issue) should be addressed on the whole WordPress project, and not only for this feature plugin. I'd recommend to open a Trac ticket for this 🙂

Also, please note that since WordPress 5.3, there is already an email verification system.

Cheers, Jb

[mahnunchik]

Hi @audrasjb

Ok, I will open a Trac ticket.

Email verification system is good, but there is The email is correct security killer button... I'm fixing right now one more website with admin@admin.com admin email address 🤦

Update: https://core.trac.wordpress.org/ticket/49963