[Warning] TopSites

In the past week there have been issues on several servers which point back to TopSites installations. TopSites is a popular site ranking script which you may be familiar with.

The problem we see is that many different IPs (most are hijacked PCs located in Turkey, used as bot networks) are hammering these TopSites directories, acting as mini DoS attacks against those servers. The last security advisory for TopSites was last year, but apparently it remains unpatched. This does not give us much faith in the developers – it could have been fixed a long time ago, then we would not be dealing with this problem now.

The bottomline is that we are forced to disable the affected directories as we find them. We do recommend replacing this script with a similar one. We are likely disabling TopSites in all Fantastico panels.

This entry was posted in Security, Software. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>