The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

phpBB strikes again

Discussion in 'cPanel Developers' started by chirpy, Dec 30, 2005.

  1. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,480
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    I couldn't agree with you more.
     
  3. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    Does a decent set of mod_security rules help protect against this sort of stuff, especially the XSS? I don't mean as a long-term solution, but just as a little insurance.
     
  4. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lewisville, Tx
    I was fighting with someone attempting this a couple of weeks ago. The server was fine, but the customer was having their site shut down repeatedly after we sent in notices of issues.
     
  5. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    anyone know an easier source for this update across our servers ..then to do all of them by hand? I don't see the .19 in my WHM yet ..cPanel taking their time on this one i think :(
     
  6. Jeff-C

    Jeff-C Well-Known Member

    Joined:
    Mar 16, 2004
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    16
    It's interesting because the announcement at http://www.phpbb.com/phpBB/viewtopic.php?t=352966 seems to imply that the server is not vulnerable because of these issues:

    # [Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode
    # [Sec] fixed XSS issue (only valid for Internet Explorer) if html tags are allowed and enabled

    What does "only valid for Internet Explorer" mean?
     
  7. LP-Trel

    LP-Trel Well-Known Member

    Joined:
    Oct 13, 2003
    Messages:
    184
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Nirvana
  8. TitaniumHosting

    TitaniumHosting Well-Known Member

    Joined:
    Dec 11, 2004
    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Ireland
    It's beginning to be so annoying that I am strongly contemplating on disabling PhpBB altogether. It's just annoying to have to keep upgrading it, especially when so many people spend hours installing mods etc.
     
  9. Jeff-C

    Jeff-C Well-Known Member

    Joined:
    Mar 16, 2004
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    16
    vbulletin had the same growing pains until version 3.x introduced the plugin system which makes upgrading while keeping most customizations a breeze.
     
    #9 Jeff-C, Jan 17, 2006
    Last edited: Jan 17, 2006
  10. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lewisville, Tx
    Vbulletin, IPB or SMF have had as many problems as phpBB. They are to they point they are having to release a major fix each and every month now. Some of these releases have been server threatening even on secured boxes.
     
  11. typhon

    typhon Well-Known Member

    Joined:
    Feb 17, 2004
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    You might want to take a look at FUDForum. That is a well written forum :)
     

Share This Page