Yo !
> > UBB was quite sloppily written and requires patching and constant
> > monitoring. CGI-Wrapping and 750 solves the problem usually.
> Can you advise us on the patching required and the kind of
> constant monitoring?
1. Modify the password to be saved to be crypt(x,y)
2. Move the Members directory out of CGI. (create an outside
directory to store the members files in)
3. Move all controlpanel.html out of the normal CGI directory)
4. Install CGI-wrap
5. Remove 777 and 755s.. 700 should be enuf since it's running as
owners
6. Monitor via grepping of admin CGIs.
7. Backups
8. Quite a few more i'll to remember and post here...
Elvin
-
