On 01/02/10 17:09, j debert wrote:
> it seems that roundcube is popular.
> It seems to be most popular among bots as well, according to what my
> apache logs say. I don't have roundcube but there are frequent
> attempts to get to php scripts down in the roundcube directories. I'd
> probably see orders of magnitude more if it weren't for fail2ban. I
> wonder what it is that makes it so popular?

In my job (hosting company) I see boxes exploited via roundcube all the
time. Squirrelmail? Not one so far. Part of the reason is that
squirrelmail comes with RHEL, so it's kept up to date automatically,
while customers install their own roundcube and then don't maintain it.
That said, it's not the only webmail client (or any other web app)
that gets the install&neglect treatment, it's just the one most
frequently exploited.

So if you want to run it, be diligent about keeping it up to date, and
use something like fail2ban.

K