ujr

Well-Known Member
Mar 19, 2004
290
0
166
Everything has the potential of being insecure, and not because it is in PHP or some other language. A poorly locked down server, for instance can be a far greater threat, imho, than using any online billing software, regardless of it's strengths and weeknesses.

As SoftDux points out/alludes to, if you need to evaluate the code, and are up to the level, you can take your own precautions using open-sourced solutions, such as SolidState, which in my opinion, has a lot of promise.

Nevertheless, you've got to go with what you feel comfortable with and that fits your business model.
 

kistler

Well-Known Member
Jan 27, 2005
133
1
166
This is a tad of topic...
all written in PHP, the most insecure language on the internet.
It not the language that is insecure, it’s who writes and makes use of the language at hand that makes the script insecure.

Since PHP is much easier to grasp then other languages and a much wider used language I am sure more people will be scripting insecurely. You can’t secure your script if you don’t know the language and how to use it.

Yes there are languages that have been built for security but still you can never have high Usability, Visibility, and Security all equally strong within the same script on any language.

...

Anyway I am awaiting for SilverStar / whoiscart "upgrade" to be relased as I have a feeling this will be the best result. As said before if cost is an issue whoiscart is very nice but is outdated a little.
 
Last edited:

brianoz

Well-Known Member
Mar 13, 2004
1,146
7
168
Melbourne, Australia
cPanel Access Level
Root Administrator
Funnily enough, noone's mentioned AWBS - which I would have thought was very well known and supports all you need.

Either run phpsuexec or run your billing application on a server that does not run customer sites. If you don't do that you're leaving yourself wide, wide open for a horrible, miserable attack (can you say, "they read my entire billing database like a book"?).
 

Host4u2

Well-Known Member
Mar 24, 2002
248
0
316
apology in order...

I agree with the rebuttals on "php being insecure". Comparatively, it is, but again, any language can have vulnerabilities... agreed! It's more of a case of many php developers sacrificing security for functionality (certainly, not all). Yes, we are selectively using php programs, and I should have been much more selective in my choice of words. I offer my public apology for coming off as I did.

AWBS (written in php) is very attractive, and supports everything mentioned in this thread. Also, their track record for support and upgrades/patches is impressive.
 
Last edited: