It seems web hosting companies are finally coming to grips with something most security experts have known for quite some time: phpBB is inherently insecure. According to Netcraft, some are taking steps to prevent further exploitation via this application by banning its usage on their servers.
As usual, the phpBB developers' response is to deny blame and claim such moves are unwarranted, but given their security record during the past 6 months alone this is hardly surprising. Not only are new issues being found because the developers can't seem to do a security audit, but new versions re-introduce bugs that have previously been solved (2.0.15 re-introduced the flaw exploited by the Santy worm).
I hope other hosting providers will take notice and adopt the same strategy, not only for phpBB2 but for any application with a consistent history of security faults whose developers do not wish to take responsibility for them and fail to take the time to conduct an extensive security audit of their code.