Toby Inkster wrote:
> Roy Schestowitz wrote:
>
>> I discovered AWStats
>
> I hope you're using a *very* recent version (i.e. 6.4 or above). There are
> some very nasty vulnerabilities in earlier versions.
I am on 6.3. Now you got me worried.
What vulnerabilities? I spot an attempt or two a day to access awstats.pl,
but these attempts are unsuccessful.
> In fact, there are probably a bunch of vulns yet to be discovered, so
> better still put it in its own directory and restrict it by password
> and/or IP address.
Now I am relieved. It is password-protected under my host's servers.
Roy
--
Roy S. Schestowitz
http://Schestowitz.com
|
|