Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Updates / Re: Very Strange Update beahviour (every 4 hours), what is going on? (Worried)
« on: July 09, 2016, 01:21:06 PM »Yes code is for reason obviously encrypted... There are hundreds sites like this using same protection to hide code from eyes and keep it hard to see it and find easy bugs and exploit them... This give some time to developers to fix errors if they update panel and missed something.
I'm going to take it easy on you since it is obvious there is a comprehension issue occurring on your part. I am fully aware of the various technologies used to protect source code. That is not the issue. The issue is having a major security flaw present for almost a week now, and having the devs basically say "oh, nothing to worry about - move along!". Along with their nonchalant replies regarding their slow GUI leaves one with a rather......Bad taste in their mouths.
If you are so skilled why do you use free panel when there are something like webmin old enough and known for sure maybe there are not bugs inside?Does Emeril Lagasse go to mcdonalds? I'm sure he does. If he is a master chef - ? That makes him a s#it chef! Same line of thinking on your part. Even though I could, you are right, for-go the control panel all together - I do like to test out new technologies and offerings. It's only human to be curious.
For sure if someone wanna to hack your server and have knowledge you are gonna be fu... does not even mater what are you using.
That is 100% correct. But by using CWP, you and the rest of the users are/will make it considerably easier to let hackers into your systems.
Well maybe its encrypted for some other reason maybe they will sell it later who knows.That would be funny. Doubt there would be any buyers. Not only that - but I'm pretty sure the REAL CENTOS would sue the pants off of them for unauthorized use of their name. Surprised they haven't already.
but don't talk like that and send negative picture to other users.If "product x" kills your cat/blinds you/turns you into a babbling idiot - please do not warn other consumers! You will ruin their experience... Pu-lease. I'm not saying anything that isn't true. And if nobody speaks up - nothing will ever get done to fix the serious security issues for the users that still use this product.
Guy's its free what are you expecting
Just because it is free does not mean one should give the devs a pass on glaringly serious security holes in the code. While it's nice to see that CWP has one cheerleader - taking the "Hide your head in the sand" approach does not better the product. CWP needs to hear from real people in the real world.
What they do with that input is up to them, obviously. Seeing their lack of concern though, is a very troubling sign.
2
Updates / Re: Very Strange Update beahviour (every 4 hours), what is going on? (Worried)
« on: July 08, 2016, 11:31:44 PM »
I've had very good luck with webmin on other systems. So, it was very easy to install and setup for me this go-around.
It also offers more freedom and control.
It also offers more freedom and control.
3
Updates / Re: Very Strange Update beahviour (every 4 hours), what is going on? (Worried)
« on: July 08, 2016, 12:41:50 PM »
I would have to disagree that this issue is "not a problem". I've been getting the weird obfuscated emails every 4 hours. It is apparent that something got seriously mangled on centos-wp's side of things.
I am therefore left with no other option than to wipe our testing server clean and utilize a different panel..
Things to consider:
This issue with the obfuscated code has been ongoing since 07/03/16. Any other company would have had this major concern corrected that same day.
Support requests alerting of the issue shouldn't be ignored, and then discounted wholesale with "don't worry it's ok" type remarks.
The gui has been at a standstill as far as development for the last year. It is slow and buggy. When people bring this to cwp's attention - they are told that their server is too slow. Please. I guess everyone that runs cwp has a slow server.
Centos-wp has absolutely no connection with the Centos Linux operating system. The whole reason I installed it, is because I thought it was a project endorsed by the actual Centos company.
Centos released a statement saying that they are not connected, and they are very unhappy that cwp insists on using their name without their permission.
All of the above, but mostly the shoddy support has lead me to this decision.
I strongly suggest others consider doing the same. Without going too deep into it - if you value the security of your server - you should not let another day go by with cwp installed. This is serious, folks.
If on the other hand, you don't mind that all of your data can be easily compromised - please stay with cwp - and keep your head in the sand.
-A concerned former cwp user
(P.S. I have 30 years coding experience, and have been contracted out by various fortune 500 companies for security audits. So, I do know what I am talking about)
I am therefore left with no other option than to wipe our testing server clean and utilize a different panel..
Things to consider:
This issue with the obfuscated code has been ongoing since 07/03/16. Any other company would have had this major concern corrected that same day.
Support requests alerting of the issue shouldn't be ignored, and then discounted wholesale with "don't worry it's ok" type remarks.
The gui has been at a standstill as far as development for the last year. It is slow and buggy. When people bring this to cwp's attention - they are told that their server is too slow. Please. I guess everyone that runs cwp has a slow server.
Centos-wp has absolutely no connection with the Centos Linux operating system. The whole reason I installed it, is because I thought it was a project endorsed by the actual Centos company.
Centos released a statement saying that they are not connected, and they are very unhappy that cwp insists on using their name without their permission.
All of the above, but mostly the shoddy support has lead me to this decision.
I strongly suggest others consider doing the same. Without going too deep into it - if you value the security of your server - you should not let another day go by with cwp installed. This is serious, folks.
If on the other hand, you don't mind that all of your data can be easily compromised - please stay with cwp - and keep your head in the sand.
-A concerned former cwp user
(P.S. I have 30 years coding experience, and have been contracted out by various fortune 500 companies for security audits. So, I do know what I am talking about)
Pages: [1]
