Fantastico Automates Web Applications - General Thoughts
(Page 3 of 4 )
Throughout the earlier section we saw most of Fantastico's characteristics and learned its basics and working methodology. In general, Fantastico looks too good to be true, and in fact, quite "fantastic" as its name subtly suggests. In this section we'll go deeper a bit.
The open source community cannot legally prevent the creation of alternate third party installers such as Fantastico de Luxe. That's why many other "auto-installers" are also on the market, out of which Fantastico seems to be on the leading edge. However, usually the authors of the web applications that are supported by these install-script libraries stress that they do not recommending using them.
The main reason is quite intuitive: they have absolutely no control over the third party installation script and, thus, cannot guarantee that their product will work flawlessly to contribute the most to the end-user/client. I'm sure you have also noticed on the previous page that each supported web application was accompanied by a particular version number - heck, some were only RCs (Release Candidates).
Surely, Fantastico does a great job of keeping up-to-date copies of these applications, but another problem can be derived from this. Web hosting companies often acquire Fantastico licenses at some point and then hook up their servers with it, so every user/client/customer receives it preinstalled. That's great, but over time they neglect to update their currently existing versions.
That's why users need to understand that they are responsible for their own web space or dedicated web server. The provider does it job offering the "virtual space" and guaranteeing high up times, but as far as your web site is concerned, they won't bother to update your web applications, install security patches, and so forth.
As presented earlier, Fantastico has a feature related to notifying the administrator (user) about the latest security fixes, issues, and newer versions. This means that if you are aware of the fixes, you can take proper action, logging into your Fantastico and installing the patches, applying the fixes, or even reinstalling the application (backing up and/or maintaining the DB without deleting the tables with entries).
The situation becomes trickier when a particular provider keeps an outdated Fantastico version, combined with really old web application editions, such as years-old Wordpress, Drupal, 4gallery, and you name it. Then the new user registers and signs up for a new plan, logs into his/her cPanel, finds Fantastico, and installs lots of apps. Later on, if this person is lucky, s/he finds out the apps are outdated (if Fantastico notifies). However, those notifications can go unnoticed, or who knows, fail to arrive.
For example, Drupal-the leading and most popular open-source CMS-has a public disclaimer related to Fantastico de Luxe auto-installation scripts. You can read it here. Yes, that entry dates back to August 1, 2006; but the situation still exists and will always exist as long as network operators and hosting providers don't do their best to maintain their copies in order to satisfy their clients and to provide the best service.
Additionally, other issues can spark from the usage of auto-installation scripts. These install scripts always install the apps in the "default" configurations. This means that often overall security of the website and/or server can be hindered. It isn't uncommon for spammers to exploit these flaws, creating spider-bots that post automated messages on a message board, blog, guest book, CMS, and such, due to these scripts...
Furthermore, even if some users want to take matters into their own hands and configure the web applications themselves, as well as maintain their copies up-to-date by installing security patches, fixes, and version updates, this sometimes turns out to be easier said than done when the application was installed with Fantastico's installer rather than with the original script and doing the installation from scratch.
More Web Hosting Articles Articles
More By Barzan 'Tony' Antal