New Nuke Security Sentinel: Worth Taking a Chance? - Nuke Community Searches for Answers

(Page 2 of 4 )

Since the launch of PHP Nuke, a number of developers have recognized the security problems and mounted efforts to clean up the code.  Revisions, forks and complete rewrites have been undertaken with varying success rates.  Some focus on a wider set of user modules and functions, but most focus to some degree on better security.

While novices swarmed to get a site or two published with the new program, much of the web development community dismissed the Nuke because of its flaws.  But a recent registered user count at just three of the popular Nuke sites comes to more than 200,000.  Take into account the fact that many users operate multiple sites and it's easy to see there are a horde of sites using this programming code, which means it should not be dismissed or ignored.

Having used a number of the variations of this program myself over the years, as well as the original, I want to talk about one that is worthy of some respect.

RavenNuke™ + NukeSentinel – A Knock-Out Punch

Reportedly, the core group of professionals at RavenNuke™ (RN) spent a year rewriting hundreds of core files to address the well documented security problems with the original code.  This resulted in the current RavenNuke™ code which includes "more than 10,000 fixes/patches" according to distribution documentation.  The NukeSentinel system, the flagship product of RavenNuke™, is a security module developed to work hand in hand with the secured RN release.  

An accurate description of the overall security project would be the RavenNuke™ distribution with NukeSentinel.  They are two programs, and one does not have to be used with the other.  However, the NukeSentinel system works so well with this particular distribution that it is easy to forget they are not one program.

Raven's distribution of Nuke still looks like a PHP Nuke program with all its modules and blocks.  An easy to spot difference from most other versions is that this code involves core files and a select few add-ons.  While some systems offer hundreds of blocks and modules with their systems, RavenNuke™ sticks with the basic operating functions, which have been modified to meet strict security standards.

Next: Repackaging the Management of Difficult Security Concepts >>
 

More Web Authoring Articles
More By Jessica Michaels

Comments On: New Nuke Security Sentinel: Worth Taking a Chance?

· This PHP Nuke system started out on a bad foot. Dedication to the concept of Open...    · Ive used sentinel for a long time but its fair to say its getting...   >>> Post your comment now!