Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

phpBB strikes again

Discussion in 'cPanel Developers' started by chirpy, Dec 30, 2005.

  1. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    22
    Trophy Points:
    463
    Location:
    Go on, have a guess
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,571
    Likes Received:
    439
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    I couldn't agree with you more.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    870
    Likes Received:
    3
    Trophy Points:
    168
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    Does a decent set of mod_security rules help protect against this sort of stuff, especially the XSS? I don't mean as a long-term solution, but just as a little insurance.
     
  4. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Lewisville, Tx
    I was fighting with someone attempting this a couple of weeks ago. The server was fine, but the customer was having their site shut down repeatedly after we sent in notices of issues.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    7
    Trophy Points:
    318
    Location:
    back woods of NC, USA
    anyone know an easier source for this update across our servers ..then to do all of them by hand? I don't see the .19 in my WHM yet ..cPanel taking their time on this one i think :(
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Jeff-C

    Jeff-C Well-Known Member

    Joined:
    Mar 16, 2004
    Messages:
    116
    Likes Received:
    0
    Trophy Points:
    166
    It's interesting because the announcement at http://www.phpbb.com/phpBB/viewtopic.php?t=352966 seems to imply that the server is not vulnerable because of these issues:

    # [Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode
    # [Sec] fixed XSS issue (only valid for Internet Explorer) if html tags are allowed and enabled

    What does "only valid for Internet Explorer" mean?
     
  7. LP-Trel

    LP-Trel Well-Known Member

    Joined:
    Oct 13, 2003
    Messages:
    184
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Nirvana
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. TitaniumHosting

    TitaniumHosting Well-Known Member

    Joined:
    Dec 11, 2004
    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Ireland
    It's beginning to be so annoying that I am strongly contemplating on disabling PhpBB altogether. It's just annoying to have to keep upgrading it, especially when so many people spend hours installing mods etc.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. Jeff-C

    Jeff-C Well-Known Member

    Joined:
    Mar 16, 2004
    Messages:
    116
    Likes Received:
    0
    Trophy Points:
    166
    vbulletin had the same growing pains until version 3.x introduced the plugin system which makes upgrading while keeping most customizations a breeze.
     
    #9 Jeff-C, Jan 17, 2006
    Last edited: Jan 17, 2006
  10. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Lewisville, Tx
    Vbulletin, IPB or SMF have had as many problems as phpBB. They are to they point they are having to release a major fix each and every month now. Some of these releases have been server threatening even on secured boxes.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. typhon

    typhon Well-Known Member

    Joined:
    Feb 17, 2004
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    156
    You might want to take a look at FUDForum. That is a well written forum :)
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice