[clue-talk] warning regarding phpBB
Nate Duehr
nate at natetech.com
Fri May 27 14:18:10 MDT 2005
Angelo Bertolli wrote:
> Yeah, I don't know which is worse: risk getting hacked, or having to
> upgrade every freakin month. I figure this is why they've stopped
> putting the version number on the front page.
It seems that the phpBB folks simply can't write secure code. I
wouldn't put a "production" phpBB site up on a dare -- after seeing
their history of security problems.
Same thing with phpNuke and PostNuke.
Fun software to play with - not so fun to have to keep safe. Seems to
hold true to the old axiom that the more flexible and feature-ful the
software is, the more security holes it probably has lurking in it.
Nate
More information about the clue-talk
mailing list