|
Posted by Sander Holthaus - Orange XL on 02/09/05 05:31
> > :-( The downside would be, IMHO, that I would need to pro-actively
> > check everything that is going on concerning PHP, in order
> to prevent
> > any major problems. (one and a halve month ago, some clients on an
> > other installation who hadn't mainted phpBB also caused me the
> > necessary problems). Also, when clients are non-commercial, a good
> > programmer is out of the question (which applies to this
> case too). I
> > wonder how mass hosting companies get arround these issue's?
>
> To add to this -- I suspect some good hosts actively check
> the directories of their clients, and search for known
> security flawed software, such as specific versions of phpBB
> and formmail.pl and so on.
I could write a PERL-script for that :-) For wide-used scripts (such as
PHPBB) automation would be a doable and good sollution, but for custom
scripts, it will be quite a challenge.
> When you find a client running known security flawed
> software, you deal with them, quickly and politely, but with
> clear cut no nonsense
> requirements:
>
> Upgrade it now or lose the account.
That would be the right thing indeed. Though I do find that many times,
people either have severe technical difficulty upgrading (usually installing
was already quite a tough cookie for them, being used to the more point and
click of Windows). Or perhaps just to the fear of it.
It always comes down to a lack of knowledge and understanding from the user.
Educating users in this regard is not easy.
> Non-profits can always find a free programmer or a donor to
> hire the programmer or...
>
> There are even organizations that exist solely to provide
> services like this to non-profits. One small one I know of
> run by guys in Chicago is
> here:
> http://npotechs.org/
>
> I'm sure that there are others.
Thanks! That looks like a very nice addition to my to-do and to-look-at
bookmark list :-)
Kind Regards,
Sander Holthaus
[Back to original message]
|