forgotz writes:  

Recently an annonymous poster at http://dadanuke.org asked about our project and in particular, security. I'll re-post my rersponse here.

As you know, total security is illusive. Just ask M$, and that is my point. The popularity of PHP-Nuke is such, that hackers and mischievients are chewin' at the bone to find more holes in the code. Good and bad. Good, because it (PHP-Nuke) in time will become much more robust in it's coding. Bad of course, because us users and programers must remain aware and vigilant all the time, against attacks and resolutions to prevent further such events.In other areas of this site, http://dadanuke.org I have explained why I do what I do with this (DaDaNuke) project. Quickly, not to reinvent the wheel, but build off an already established standard, that being the PHP-Nuke Patched Series. This bundle is as safe as what is released from http://nukefixes.com and http://nukeresources.com because my/our goal is to leave core nuke files alone and work with mods and addons that respect the same. We currently make one exception for NukeSentinel(tm) http://nukescripts.net and at that, any core file edits are up to the user. We will help of course, but will not make priority, issues stemming from serious alterations to core file edits. Last word and a bit of advise, to use the recent devastation in gulf coastal United States and most importantly the response, again we are reminded, that when it comes to security, you are your first best line of defence with regards to your security.

-dadaBIT