From: Dan F. <dfr...@cs...> - 2005-01-13 16:29:23
|
The machine that runs wikilens.org was hacked through an old unpatched instance of PhpBB2. This delayed our release of MoonBadger, which by the way Reini, has a few primitive auto-complete textboxes, though not through the cool server-side XML-RPC. We'd love that, although it would require PhpWiki responding quickly. I don't know performance now, but our pages are around 1s, pretty slow for autocomplete, although page render is probably more work than returning a few autocomplete results. Aside from that, it made me wonder about the security of PhpWiki. If I get hacked again, our systems support will frown at me even more, and we have several PhpWikis running, some externally visible (like wikilens). Are there known exploits in 1.3.7 or 1.3.9? Has somebody thought about security? Is there a writeup somewhere I can read? Thanks in advance. Dan |