According to Netcraft a number of hosting companies are banning the use of phpbb.
Considering the number of security issues that the open source bulletin board software has had in the last 8 months, this move is not particularly surprising. However, as a spokesperson for the developers rightly pointed out:
While phpBB has and no doubt will continue to suffer from exploits (show me a piece of software that doesn’t!) we have consistently addressed such issues very quickly
Although this may be true it is also an obvious source of headaches for hosting companies. Some control panel software, such as cpanel is capable of upgrading existing installs on servers automatically, however this will only work if:
- You have configured it to do so
- The install has not been customised beyond recognition
- The script was installed via cpanel and not manually
In the world of shared hosting it is impossible to maintain complete control over every single script that users install. To do so would add an unwieldy administrative overhead.
So what can hosts do?
Banning phpbb is an option in some cases, but it’s hardly a viable one. It is far too popular to simply turn off.
Unlike form to mail scripts, phpbb is not easily replaced with an alternative, as so many users would rely on hacks and tweaks that only work with it.
Interestingly enough both Netcraft and the phpbb team fail to cite any examples of hosts banning the scripts usage, so you could consider the headline almost anecdotal
Leave a Reply