Hi all,
I have a question about RoundCube relating security. Basically it comes down to this, how secure is RoundCube at the moment?
We have a host which had issues with version 0.2 (i think), now we are at version 0.4. Is roundcube vulnarable for exploits? How quick are things fixed? Is RoundCube mature enough to run in a large hosting/reseller environment?
Looking forward to your toughts on security related to RoundCube....
Regards
RoundCube is very secure, as long as you keep it up to date. There have been a couple of security hole in the past but they where fixed very fast. Every script is vulnerable to exploits but Roundcube is safer then a lot of scripts. I think there has been around 4 exploits for RoundCube of its lifespan (5+ years) where as scripts like Wordpress and Joomla have new exploits almost weekly. RoundCube is definitely mature and stable enough for a live environment, I know several different ISPs use RoundCube and RoundCube is included in CPanel witch is used on a LOT of servers. As long as you keep RoundCube up to date I think RoundCube is secure and one of the more stable scripts on the web.