Man, do I have a lot of todos! I was going through my posting drafts on this blog and found this 1 year old piece (from Aug 10th, 2005). I remember I was responding to this blog posting, but at some point I decided that I didn't have the time to finish it, so I saved it as a draft. Well, one year was not enough to finish it, so here is the draft as part of my postings cleanup.




Nice posting, thanks! I just want to add something on the phpBB part of it. OK, PHP is the most popular of the web languages, hence it has the most security issues. Well, I can apply the same logic to phpBB and phpMyAdmin. Everybody uses phpMyAdmin, and phpBB is probably the most popular BB package out there. phpBB is an open (therefore exposed) source package, and being a bulletin board package as well makes it a nice target. Any BB site out there has its kids that hate it and want it hacked, defaced, DB-emptied, userbase-exposed or otherwise dead. So they start digging through every single regexp looking for a "door". And they find them, one after the other. That's normal; we all know that there's no such thing as secure or bug-free software.


I don't say that phpBB's code is perfect (is there such a thing as perfect code?!), but I don't think phpBB should pay for all the sins of all the PHP devs out there. We all make mistakes; that's only natural. And it's not nice to call each other names in such situations. Two examples: PEAR's recent XML_RPC exploit (you cannot say that Stig Bakken can't hack in PHP) and a blog posting about some omissions in this PHP security guide!




Update from Aug 31st, 2006: I really like this piece Harry Fuecks wrote over at SitePoint. Hopefully the "war" is over and people no longer point fingers at each other, but learn from each other's mistakes instead.


Being able to see many shades of grey rather than black and white could be another point to add to the ideal profile. PHP (and security) is a good case in point—what strikes you as a smarter response: screaming PHP sucks or understanding that it’s popular and doing something to improve the situation?


