Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

phpbb autoinstallation security problem

Discussion in 'Security' started by Radio_Head, Dec 19, 2002.

  1. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    343
    Hello,

    the autoinstallation of phpbb 2.0.2 with cpanel has a security problem , in fact at the end of installation it mantains following
    files and dir

    update_to_202.php
    upgrade.php
    install.php
    contribs directory

    In fact the installation manual report this ;

    ========================
    8. Important (security related) post-Install tasks for all installation methods
    Once you have succssfully installed phpBB 2.0.2 you MUST ensure you remove install.php, upgrade.php and update_to_202.php files. Leaving these in place is a [b:0617a44257]very serious potential security issue[/b:0617a44257] which may lead to deletion or alteration of files, etc. [b:0617a44257]Additionally you MUST remove the contrib directory once you have utilised any files it contains[/b:0617a44257]. This directory may include files which though very useful, could compromise your board or account. Beyond these essential deletions you may also wish to delete the db/schemas and docs/ directories if you wish.
    With these files deleted you should proceed to the administration panel. Depending on how the installation completed you may have been directed there automatically. If not, login as the administrator you specified during install/upgrade and click the &Administration Panel& link at the bottom of any page. Ensure that details specified in General -& Configuration are correct!
    ========================


    Another good idea should be to provide 2.0.3 instead of 2.0.2 since it fixes some security problem on 2.0.2 .


    Thank you
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    343
    Anyone interested ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    316
    Location:
    Spain
    Have you contacted Darkorb about this?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice