Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: phpBB https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188410 wtogami@xxxxxxxxxx changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |wtogami@xxxxxxxxxx ------- Additional Comments From wtogami@xxxxxxxxxx 2006-04-09 15:44 EST ------- > Secondly, it complains that there is an htaccess file in the distribution: > E: phpBB htaccess-file /var/www/phpBB2/cache/.htaccess > This is where phpBB stores it cache data, and this .htaccess file explicitly > disallows any direct requests for those files. Thus, this seems reasonable > ignore, also. By default httpd.conf doesn't allow htaccess overrides, so the effectiveness of this .htaccess is not great. I am pretty sure this directory doesn't need to be in a web accessible directory at all. You could patch the default directory so that it uses someplace like /var/cache/phpbb instead (not sure, I haven't tested this)? About PHPBB security, it is actively maintained, but has a long history of repeated security holes. I've seen many Linux servers become compromised by script kiddies due to past PHPBB holes. If PHPBB gets into Fedora, the maintainer(s) *MUST* be vigilant in updating the package quickly when upstream makes a new release. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug, or are watching the QA contact. -- fedora-extras-list mailing list fedora-extras-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-extras-list
