{"id":1770,"date":"2013-10-24T14:01:46","date_gmt":"2013-10-24T20:01:46","guid":{"rendered":"http:\/\/www.whitefirdesign.com\/blog\/?p=1770"},"modified":"2013-10-24T14:01:46","modified_gmt":"2013-10-24T20:01:46","slug":"netfirms-running-over-seven-years-out-of-date-version-of-phpmyadmin","status":"publish","type":"post","link":"https:\/\/www.whitefirdesign.com\/blog\/2013\/10\/24\/netfirms-running-over-seven-years-out-of-date-version-of-phpmyadmin\/","title":{"rendered":"Netfirms Running Over Seven Years Out of Date Version of phpMyAdmin"},"content":{"rendered":"<p>One of the most basic measures for keeping websites secure is to keep software running the website up to date, this is something that web hosts know and tell their customers. Unfortunately, many web hosts don\u2019t seem to feel that they need to heed their own advice and run out of date software on their servers. This put their clients at risk of being hacked though exploitation of a known vulnerability in that software. Web hosts use of outdated software also a warning sign that they may not be handling the rest of the security properly as well.<\/p>\n<p>When we do work on a client\u2019s website we do a check of what version of some common software (PHP, MySQL, phpMyAdmin, etc.) is running of the server. This is partly so that we can see how well web hosts are doing at keeping that software up date and also so that we can alert the clients when severely out of date software is in use. We were recently doing work on a website hosted with Netfirms and we found that the server was using over seven years out of date version of phpMyAdmin, 2.8.0.1:<\/p>\n<p><a href=\"http:\/\/www.whitefirdesign.com\/phpmyadmin-version-check\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-1774\" alt=\"Netfirms is Running phpMyAdmin 2.8.0.1\" src=\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2013\/10\/netfirms.png\" width=\"500\" height=\"150\" srcset=\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2013\/10\/netfirms.png 500w, https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2013\/10\/netfirms-300x90.png 300w\" sizes=\"auto, (max-width: 500px) 85vw, 500px\" \/><\/a>That version was released on March 8 of 2006 and the next version, 2.8.0.2, was released eight days later. phpMyAdmin provides a page that provides a listing of <a href=\"http:\/\/www.phpmyadmin.net\/home_page\/security\/\">all security announcements for the software<\/a> (something that other software developers should also be providing). Based on just the announcements for 2006 and 2007, the version of phpMyAdmin Netfirms is using probably contains 16 serious severity security issues and 1 considered \u201c<a href=\"http:\/\/www.phpmyadmin.net\/home_page\/security\/PMASA-2006-3.php\">quite dangerous<\/a>\u201d.<\/p>\n<p>If you want to check if web hosts you or your clients use are running an outdated version of phpMyAdmin you can check with our <a href=\"http:\/\/www.whitefirdesign.com\/phpmyadmin-version-check\">phpMyAdmin Version Check<\/a> extension, which is available for <a href=\"https:\/\/addons.mozilla.org\/firefox\/addon\/phpmyadmin-version-check\/\">Firefox<\/a> and <a href=\"https:\/\/chrome.google.com\/webstore\/detail\/phpmyadmin-version-check\/mgadbnohgoninkdjnknoglajhpgonkje\">Chrome<\/a>.<\/p>\n<p>It is not just phpMyAdmin that Netfirms doesn&#8217;t keep up to date. They are using PHP 5.3.13, which is over a year out of date and also has known security vulnerabilities (including ones that were <a href=\"http:\/\/www.php.net\/archive\/2012.php#id2012-06-14-1\">fixed in the very next release<\/a>).<\/p>\n<p>Amazingly the fact that they have some pretty obvious security problems hasn&#8217;t stop the security company SiteLock from declaring that Netfirms is secure, as can been seen in the footer of Netfirms website:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-1773\" alt=\"SiteLock SECURE Badge Shown on Netfirms Website\" src=\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2013\/10\/netfirms-website-sitelock-secure-badge.png\" width=\"500\" height=\"150\" srcset=\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2013\/10\/netfirms-website-sitelock-secure-badge.png 500w, https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2013\/10\/netfirms-website-sitelock-secure-badge-300x90.png 300w\" sizes=\"auto, (max-width: 500px) 85vw, 500px\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>One of the most basic measures for keeping websites secure is to keep software running the website up to date, this is something that web hosts know and tell their customers. Unfortunately, many web hosts don\u2019t seem to feel that they need to heed their own advice and run out of date software on their &hellip; <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2013\/10\/24\/netfirms-running-over-seven-years-out-of-date-version-of-phpmyadmin\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Netfirms Running Over Seven Years Out of Date Version of phpMyAdmin&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"class_list":["post-1770","post","type-post","status-publish","format-standard","hentry","category-bad-security"],"_links":{"self":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/1770","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/comments?post=1770"}],"version-history":[{"count":3,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/1770\/revisions"}],"predecessor-version":[{"id":1775,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/1770\/revisions\/1775"}],"wp:attachment":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/media?parent=1770"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/categories?post=1770"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/tags?post=1770"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}