Ilia Alshanetsky has a great new post with some good news from the web hostin g world - it seems that some web hosts out there have wised up and are banning the use of phpBB on their servers.

It seems web hosting companies are finally coming to grips with something most security experts have known for quite some time, phpBB is inherently insecure. According to Netcraft some are taking the steps to prevent further exploitation via this application by banning its usage on their servers.

As per usual phpBB developer's response, they are denying blame and claim such moves are unwarranted, but given their security record during the past 6 months alone this is hardly surprising. Not only are new issues being found, because the developers can't seem to do an security audit, but new versions re-introduce bugs (2.0.15 re-introduced the flaw exploited by Santy worm) that have previously been solved.

It's unfortunate to see that the phpBB developers haven't taken the time to really plug the holes that have come up in their software. It's good, though, that web hosts out there are getting with it and understanding that running it could represent a serious security hole for their servers...