There is currently a worm floating around that looks for phpbb installs with a specific version (2.0.10) that have a security flaw. As a result of this, and knowning that alot of our hosted sites dont really pay much attention to these issues, we've globally disabled viewtopic from working on the hosting servers.

Until we are able to come up with a global fix we are going to leave this disabled, we apologise for any inconvenience that this will cause.

URL to worm and what it does?

http://www.securityfocus.com/bid/10701/exploit

I've stuck a global 'fix' in place but the best thing to do is update phpbb.

This is actually a pretty old exploit, it was fixed in phpbb 2.0.11 and it's now up to 2.0.20. I've noticed it being used on our hosting box before but not to the extent it was last night, it was actually overloading the server trying to spawn commands.

Jim just don't care

I care
So much that I might update apache on there one day

please continue

time for you to put more limits on the amount of penif in your mouf djzort

please continue

trim

get an s3

get a job

your so haX0r LOL

hmm, technically apache is up to date.... but i didnt know php5 built against apache 1.3. that series of apache is just a distant memory... :P

It wasn't until late last year/early this year ( can't remember exact date ) that apache foundation decided httpd v2 was ready for production servers. You must have a very short attention span for that to be a distant memory.

yeah 1.3 is still maintained, and since php strongly advise using the prefork mpm with apache2 anyway, there's no big urgency to move to apache2