+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Development Area (/forum-1.html)
+--- Forum: General discussion (/forum-11.html)
+--- Thread: Why is Awstats implemented? -> security risk (/thread-74.html)
Pages: 1 2
RE: Why is Awstats implemented? -> security risk - BeNe - 03-17-2007 01:58 AM
BioALIEN Wrote:I prefer AWStats to Webalizer. I know more newbie sys admins will convert to VHCS Omega because of this fact
They change their Panel only for more Design and nicer stats ?
RE: Why is Awstats implemented? -> security risk - BioALIEN - 03-17-2007 02:00 AM
Of course
Sys admins nowadays are lazy, they want things working nicely out of the box and this includes nicer stats. Isn't this the goal of this project? 
RE: Why is Awstats implemented? -> security risk - BeNe - 03-17-2007 02:48 AM
Full ACK. But i never would change a running system for some new Design or Stats
RE: Why is Awstats implemented? -> security risk - RatS - 03-17-2007 05:15 AM
AWStats 6.6 is secure, there are no known vulnerabilities yet; I use it for at least 11 Month now...
RE: Why is Awstats implemented? -> security risk - petzsch - 03-21-2007 06:35 AM
As far as I remember there was an issue in 6.4 that could be exploited by manipulated URLs in logfiles. So this version was even affected when awstats generated static html files.
It wasn't really the nature of the bug that fuzzed me, but the time that it took to mend it in the public releases. But I guess if one is unforgiving, than even anything labeld VHCS would not be worth considering to be installed because of it's history.
Just my $0.02
I agree that there should be an option for the admin to decide about this, perhaps even to enable both and to let the reseller/customer make an individual choice (if both where enabled by the admin).
RE: Why is Awstats implemented? -> security risk - RatS - 03-21-2007 05:26 PM
there would be the opportunity to choose AWStats or let it. Not more, not less at first!
RE: Why is Awstats implemented? -> security risk - BeNe - 03-21-2007 06:02 PM
I think thats enough at first....