Quoting Kay <li...@coffeehabit.net>:

On 01/02/10 17:09, j debert wrote:
it seems that roundcube is popular.

It seems to be most popular among bots as well, according to what my
apache logs say. I don't have roundcube but there are frequent
attempts to get to php scripts down in the roundcube directories. I'd
probably see orders of magnitude more if it weren't for fail2ban. I
wonder what it is that makes it so popular?

In my job (hosting company) I see boxes exploited via roundcube all the time. Squirrelmail? Not one so far. Part of the reason is that squirrelmail comes with RHEL, so it's kept up to date automatically, while customers install their own roundcube and then don't maintain it. That said, it's not the only webmail client (or any other web app) that gets the install&neglect treatment, it's just the one most frequently exploited.

Squirrelmail works nicely, as does Horde, which seems to be quite a bit more complete (integrated calendar, sharing, etc.), however I wouldn't put any web app out on the net without using SSL, HTTP Auth and fail2ban in front of it. Hacks are much more difficult if the attacker can't get to the application directory without a valid login.

The http auth box is ugly and somewhat annoying, however there's a lot to be said for a very stable, low-level, simple authentication mechanism.

Terry
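
Added example, not part of the thread and not fail2ban's own code: a small Python sketch of the kind of counting fail2ban does for the probes described above, flagging clients that repeatedly get 401/403/404 on PHP scripts under a roundcube-style directory. The path pattern, the threshold, the time window and the log lines are assumptions constructed for illustration, and the input is assumed to be Apache "combined" format.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Apache "combined" log line: client IP, timestamp, request path, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
# Assumed probe pattern: any .php script below a directory named roundcube*.
PROBE_RE = re.compile(r'/roundcube[^/]*/[^?]*\.php', re.I)

def find_probers(lines, max_hits=3, window=timedelta(minutes=10)):
    """Return {ip: hits} for clients with >= max_hits failed probes inside window."""
    recent = defaultdict(deque)   # ip -> timestamps of recent failed probes
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue              # ignore lines that are not in combined format
        if int(m['status']) not in (401, 403, 404):
            continue              # only denied or missing resources count
        if not PROBE_RE.search(m['path']):
            continue
        ts = datetime.strptime(m['ts'], '%d/%b/%Y:%H:%M:%S %z')
        hits = recent[m['ip']]
        hits.append(ts)
        while ts - hits[0] > window:
            hits.popleft()        # drop probes that fell out of the window
        if len(hits) >= max_hits:
            flagged[m['ip']] = max(flagged.get(m['ip'], 0), len(hits))
    return flagged

# Constructed sample lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [02/Jan/2010:17:01:10 +0000] "GET /roundcube/index.php HTTP/1.1" 404 209 "-" "-"',
    '203.0.113.7 - - [02/Jan/2010:17:01:11 +0000] "GET /roundcubemail/index.php HTTP/1.1" 404 209 "-" "-"',
    '203.0.113.7 - - [02/Jan/2010:17:01:12 +0000] "GET /mail/roundcube/index.php HTTP/1.1" 404 209 "-" "-"',
    '198.51.100.4 - - [02/Jan/2010:17:02:00 +0000] "GET /roundcube/index.php HTTP/1.1" 404 209 "-" "-"',
    '198.51.100.4 - - [02/Jan/2010:17:40:00 +0000] "GET /roundcube/index.php HTTP/1.1" 404 209 "-" "-"',
    '192.0.2.20 - alice [02/Jan/2010:17:03:00 +0000] "GET /squirrelmail/src/login.php HTTP/1.1" 200 1532 "-" "-"',
]

if __name__ == '__main__':
    for ip, hits in find_probers(SAMPLE_LOG).items():
        print(f'{ip}: {hits} failed roundcube probes within 10 minutes')
```

With HTTP Auth in front of the application directory, the same probes show up as 401 responses instead of 404, which is why both status codes are counted.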
