Posts tagged "security"

2 posts found.

March 01, 2026 17 min read

The WordPress Paradox: The Web's Most-Attacked CMS Scores Above the Web Average on Every Quality Dimension

We cross-referenced ~1.06M WordPress sites against SEO, AEO, EEAT, WCAG, readability, privacy, and brand-safety grades in LLMSE's 3.4M-URL index. The CMS that owns 41.9% of the web and 91% of plugin vulnerabilities scores above the web average on all six quality dimensions. Its EEAT pass rate is 59.8% vs 45.4% web-wide — and even on the strictest A+B trust bar it leads 31.0% to 21.5%. Cloudflare-fronted WordPress passes SEO at 3.5x the nginx rate; Vietnamese and Turkish WordPress optimize hardest of all.

February 25, 2026 15 min read

The Infrastructure Concentration Index: Only the Server Layer Is Concentrated — DNS Has De-Concentrated and Email Is Merely Moderate

We recomputed the Herfindahl-Hirschman Index across three infrastructure layers — web servers, DNS, and email — from 3.17M server headers, 1.66M nameserver records, and 1.05M mail records in LLMSE's index. Only the web-server layer (HHI 2,013) clears the antitrust 'concentrated' line, and that is a software artifact: Apache and nginx are open source. DNS has fallen to a competitive HHI of 947 and email is only moderately concentrated at 1,549. No single provider crosses the DOJ 30% structural-presumption threshold in any layer.