Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PHP security - PLEASE READ !!

Status
Not open for further replies.
ginx

ginx

Programmer
Feb 1, 2002
8
CA
I have installed a PHP project with IIS :( for a client. He is doing some security testing and is finding that the security software is saying that there are security holes in PHPNUKE which I definitely did not install with the rest of the system. I am not using any component of PHPNUKE and never have. This was a new install of PHP / MySQL. There were a few other projects that also came up in the security check. Can anyone give me some insite as to why this may be happening?

Thanks,
Chris
 
Sort by date Sort by votes
Well, there are security holes in PHPNuke. But PHPNuke is just a bunch of PHP script files to do content management.

Without knowing more information about the hypothetical "security software" your client is using, it's difficult to advise you. It could be that if that security software finds PHP on a system, it automatically complains about PHPNuke. It could be that someone has downloaded and installed PHPNuke.


As an aside -- Thread subjects with "Please Read" are annoying.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
Upvote 0 Downvote
As an aside -- Thread subjects with "Please Read" are annoying.

I dont think so, he just has a problem --that will be hard enough for him without your comments
 
Upvote 0 Downvote
<sarcasm>I agree newbiepg, sleipnir214's comments are useless. There is no reason for him to be listed as this forum's top expert.</sarcasm>

While the statement might be phrased in a more tame manner like please keep subject lines concise, it is important for us all to clearly communicate here. It is difficult for those that want to help to sort through the fluff of unclear subject lines.

In regards to the warning about PHPNuke: most decent security software will offer solutions to repair vulnerabilities. Surely this utility would indicate what needs to be fixed in PHPNuke. Did it warn that IIS was unsecure and recommend that all of IIS should be uninstalled?

If this utility is not of that level then it should not be trusted with the PHPNuke warning.

- - picklefish - -

Why is everyone in this forum responding to me as picklefish?
 
Upvote 0 Downvote
newbiepg:
Phrases such as the following non-exhaustive list are meaningless in a thread title and should be avoided:[ul][li]&quot;newbie&quot; -- the expertise of the poster does not describe the problem[/li][li]&quot;please read&quot; -- someone is going to read the thread sooner or later. That verbiage will not speed the process[/li][li]&quot;help&quot; -- if you hadn't needed help, you wouldn't have posted.[/li][li]&quot;I'm lost&quot; -- your state of being does not describe synopsize the problem[/li][li]&quot;hello&quot; -- just assume you've greeted all 600,000+ fellow members every time you've posted[/li][/ul]

I can't count the number of times fellow TT members have added such verbiage to a subject line at the expense of accurately synopsizing the problem.

Want the best answers? Ask the best questions: TANSTAAFL!!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

cdlvj
  • Question
PHP Debugging
Replies
0
Views
99
cdlvj
cdlvj
SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
365
SashaBuilder3
SashaBuilder3
PeDa
  • Locked
  • Question
Unwanted spaces in php HTML mail 1
Replies
4
Views
306
PeDa
PeDa
Mandy_crw
  • Locked
  • Question
How to send sms in PHP using usb gsm modem?
Replies
1
Views
328
vishvajit
vishvajit
lflynnlrf
  • Locked
  • Question
wordpress/ shortcode/ PHP duplicating code
Replies
1
Views
157
spamjim
spamjim

Part and Inventory Search

Sponsor

Back
Top