Project InfoSponsor & PartnerInstalling ispCPFAQDocumentationDevelopment
Current time: 05-19-2024, 10:45 PM Hello There, Guest! (LoginRegister)

ispCP - Board - Support / ispCP Omega Development Area / General discussion v / Why is Awstats implemented? -> security risk

Post Reply 
Why is Awstats implemented? -> security risk
Author Message
petzsch Offline
Junior Member
*

Posts: 43
Joined: Mar 2007
Reputation: 1
Post: #15
RE: Why is Awstats implemented? -> security risk
As far as I remember there was an issue in 6.4 that could be exploited by manipulated URLs in logfiles. So this version was even affected when awstats generated static html files.

It wasn't really the nature of the bug that fuzzed me, but the time that it took to mend it in the public releases. But I guess if one is unforgiving, than even anything labeld VHCS would not be worth considering to be installed because of it's history.

Just my $0.02 Smile

I agree that there should be an option for the admin to decide about this, perhaps even to enable both and to let the reseller/customer make an individual choice (if both where enabled by the admin).
03-21-2007 06:35 AM
Find all posts by this user Quote this message in a reply
Post Reply 


Messages In This Thread
RE: Why is Awstats implemented? -> security risk - petzsch - 03-21-2007 06:35 AM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | isp Control Panel ( ispCP ) | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication