We recently have had our site hacked by means of Awstats. Powweb is running version 5.9. According to awstats own website, users need to upgrade to version 6.3 to fix this security bug. After talking with other victims of this "website defacement" we all have a common theme-- we all run AWstats. Is Powweb going to do anything about this?? Please review the following pages :

http://www.packetstormsecurity.org/0501-exploits/AWStatsVulnAnalysis.pdf

and

http://awstats.sourceforge.net/

Tells all about the security problems... we need to get this fixed!!

Easy solution. Uncheck awstats from powweb and install your own customized one and put an .htaccess file in it to secure it. No more worries about it being hacked.

Is there a tutorial on how to install a "customized" one"? You'll have to excuse me. I am still fairly new at this whole thing and need instructions :)

No problem... You already found the awstats contrib page you listed above @ sourceforge.net.

download it unzip it and read the index.html in the docs directory... follow these instructions and you are good to go.

for even more security once it is uploaded, you can put one of your .htaccess files in the directory so only the proper user / password can access it.

Also, forgot to add... If you install any service, product, script, it is up to you, the site owner to always check for updates for that product etc... and maintain it. The provider is just that. A provider to give you the access to publish your information / site.

Once you install this, if you have any further questions, feel free to ask.

I personally like my own awstats as it is more thourough.

Also note: For your log location, you can find this in your ops manager under packages, website, http: ACCESS LOG: i.e. /logs/access/123456_acces_log . That is where you need to point your personalized awstats to read from logs.

Thanks for the help jschein... I will be making the upgrades. If I have any problems, I know who to ask :)

Anytime... Hit me up.. may take me some time, but I've been floating online all day today. pm me any special help you may need once installed if you have to and I will help.

FYI - our version was patched as soon as the security advisory (http://lists.netsys.com/pipermail/full-disclosure/2005-January/031002.html) came out in January.

One possibility for vulnerability might be if you deactivated awstats in OPS before it was patched...