Nuke Development Sites Offering Webmasters Better Security Alternatives

28/10/2005 Written by felosi

When you see php­nuke in the news now a days all you see is more and more vul­ner­a­bli­ties and weak­nesses dis­cov­ered in all ver­sions, espe­cially 7.7 – 7.9. Most web­mas­ters dont even con­sider php­nuke as a viable cms and most who have had nuke have either moved on to oth­ers or live in fear of being defaced or have been defaced.With work­ing exploits so eas­ily avail­able to any­one, a php­nuke site may be the worst mis­take a web­mas­ter makes.


Well, there is an alter­na­tive, mainly being nuke devel­op­ment sites that are not affil­i­ated with the author Fran­cisco Burzi. These sites patch up all the holes that are found in the stock ver­sions and offer some very effec­tive secu­rity mod­ules such as Nuke­Sen­tinel by Bob Mar­ion at www​.Nuke​Scripts​.net, . It is a com­pre­hen­sive nuke secu­rity mod­ule that blocks all known exploits and even ones that are not known as it block all dan­ger­ous queries such as union, join, bind, and oth­ers. It also has IP Track­ing fea­tures as well as dos pro­tec­tion and script­ing block­ers.

The php­nuke patched series is by Chat­serv at www​.Nuk​eRe​sources​.com, they have patches for all avail­able ver­sions even the vul­ner­a­ble 7.7 – 7.9. When an exploit is dis­cov­ered its not too far behind the patch comes out. The ver­sion that is most highly rec­comended among the nuke devel­op­ment com­mu­nity is the 7.6 ver­sion patch level 3.1. They do patch and pro­vide secu­rity mod­ules for 7.7 – 7.9 although they advise you use those ver­sions at your own risk as the core design is some­what flawed.
Other groups such as www​.Nuke​-Evo​lu​tion​.com are offer­ing a pre-​patched install with Nuke­Sen­tinel and many other use­ful mods and even html com­pli­ance.

I would advise any web­mas­ter who uses nuke to patch their sites with the lat­est patch level and install Nuke­Sen­tinel. Pre-​patched installs are avail­able at a num­ber of sites, one being www​.raven​ph​p​scripts​.com
which stays cur­rent on the lat­est patches in their installs. You can have a secure nuke site despite pop­u­lar belief to the con­trary but there is a small amount of work on your part. Peo­ple may see recent exploits released for nuke 7.8 – 7.9 patch level 3.1 but keep in mind any­one who works with nuke will tell you that your best bet is to stick with the 7.6 ver­sion. Even though 7.7 – 7.9 is the lat­est ver­sions it does not mean they are the most secure.

I wanted to point out to any­one who uses or is con­sid­er­ing using php­nuke there is an alter­na­tive and you can have a secure nuke site, just not a stock one. Check out some of the links I have men­tioned, do the work, and you will be able to enjoy your nuke site with­out fear of being hacked and have some sense of security.