polkocholo

Active Member
Nov 22, 2010
42
0
56
I activated Microsoft Frontpage in easyapache
But in ConfigServer Security & Firewall - csf v5.20 ( CSF ) >>>> Check server security display this alert:

Microsoft Frontpage Extensions were EOL in 2006 and there is no support for bugs or security issues. For this reason, it should be considered a security risk to continue using them. You should rebuild apache through easyapache and deselect the option to build them


Is this a bug is dangerous?
Do you need to do to disable this?


Regards
 

Infopro

Well-Known Member
May 20, 2003
17,091
516
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
The message states:

there is no support for bugs or security issues

In other words it's outdated, not supported by MS any longer and probably should not be installed on your server.

CSF security checklist is a great tool of suggestions. You do not need to comply with every one of them.
 

gkgcpanel

Well-Known Member
Jun 6, 2007
214
1
166
cPanel Access Level
DataCenter Provider
I believe that was true for regular installations of Front Page, but cPanel team once mentioned that *their* installation of Frontpage was not susecptable to the security issues from FrontPage. Is this still the case??? Can someone from cPanel chime in here?
 

gkgcpanel

Well-Known Member
Jun 6, 2007
214
1
166
cPanel Access Level
DataCenter Provider
Thanks. I seem to remember however that cPanel once stated that as long as they can get FrontPage to properly compile via EasyApache, they will continue to support it. The first time that they run into problems trying to compile FrontPage via EasyApache, they will then officially stop supporting FrontPage on cPanel.

That's what I'm trying to figure out. Have they (meaning cPanel) officially stopped supporting it? If so, why is it still listed as an option in EasyApache? If not, is it still susceptable to the security issues that plague FrontPage in general?

I desparately want to get rid of it, but I know that I have a handful of customers that still use it, and these people will most likely leave to find another host that still supports FrontPage. I'm trying to avoid that if at all possible. So if someone from cPanel can chime in here and give their 2 cents, that would be great.
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
40
248
somewhere over the rainbow
cPanel Access Level
Root Administrator
We have not officially stopped supporting FrontPage in EasyApache. We do not recommend installing it or using it (this is why it has [ ] Frontpage *DEPRECATED* in EasyApache), but we do still provide it. We do not yet have any announcement on FrontPage no longer being supported either. This does not make it secure or advisable to use.

For example, we provide DSO and that isn't advisable to use on a shared machine unless you have enabled mod_ruid2 with it. We don't advise using PHP 4 (and did drop it recently but supported it until it was removed). Here support means we will work to get the component working if it doesn't function properly after installation.

As for the customers using FrontPage, you might want to have a dialog with each to get them moved over to an up-to-date system for site changes. FTP clients do most of what FrontPage did and ones like Filezilla are free. File manager allows basic revisions on files.
 

NetMantis

BANNED
Apr 22, 2012
116
1
66
Utah
cPanel Access Level
DataCenter Provider
In other words it's outdated, not supported by MS any longer and probably should not be installed on your server.
Infopro is giving you very good advice here!

To say that Frontpage is obsolete would very literally be the under statement of the decade!

Frontpage was formally discontinued many years ago and should not currently be used by anyone at all.

The extensions themselves, way back when they were last produced or supported, at that time were compatible to the servers and web technologies that were available at that time. Unfortunately so much has changed and evolved since those were written that they are no longer compatible with most of servers out there today posing not only substantial potential security problems but also a great deal of compatibility problems as well.

For the first couple of years after Frontpage was formally discontinued, it was fine to continue to support the extensions on your server for users who needed those extensions but that is no longer the case anymore and Cpanel would actually be wise to go ahead and remove them completely from future releases.

If you have a user who absolutely insists on Frontpage, you could setup WebDAV which provides much of the same functionality as the old Frontpage extensions and the old final releases of Frontpage supported that standard.

Ideally however, it's more than long since past time for all users to of migrated to something other than Frontpage and there is no reason to any longer try to support what for the most part no longer works on most of the servers.