[PLUG] PLESK - was Joe Jobbed

[m0gely]

Ronald Chmara wrote:

> Plesk is incompatible with secure servers, because it just about  
> *requires* one to run vulnerable software, in order for Plesk to keep  
> working right, and does not self patch so more secure versions in a  
> timely manner.

What is a secure server?  By your other post, it seems more that the 
level of security on a server is by effort of the admin to keep it up to 
  date in the context of security.  Why does running Plesk not allow 
this?  I am on a couple security mailing lists and semi-regularly check 
a few security sites for reports, but am by no means an expert.  I don't 
know you, but it's possible that you could make me look silly in this 
arena, and no doubt there is always a bigger fish that could make your 
efforts look ameture.  So it's difficult to draw a line here.  Security 
requires multi-facet, multi-level prevention, and sometimes running 
something that has a bad track record is mitigated by other counter 
measures.

I guess my point is, most people (hopefully) sit and put a lot of 
thought into what they want to run on their servers/machines.  Some of 
the decisions yield to business plans and goals, but in any case, 
security should alway be a concern, and effort is required to lessen the 
risk.  SWsoft does provide means for keeping Plesk up to date.  The 
level of effectiveness could be argued, but it's something.  You're not 
wrong, I just think there's more to it.

-- 
- m0gely