Archive for October, 2007
Keeping the bots out
Donncha released a post titled "keeping the libwww-perl bots out" using mod_rewrite and blocking the HTTP_USER_AGENT to help prevent attacks; however, this will not work.
Why wont it work? It is absolutely trivial to change the HTTP_USER_AGENT string, and the attacks you actually have to worry about will more then likely not use a standard libwww-perl [...]
WP Prefix Changer v1.1 released
We are excited to release Version 1.1 of the WP Prefix Changer.
This plugin will allow you to change your database table prefix to mitigate new and automated vulnerabilities that attackers may use to gain access to your blog. Although not recommended, it can also be used in shared hosting environments where a user is only [...]
Joomla gallery module vulnerable
The guys over at security.immerda.ch give a really nice narative of how one of their hosted web sites recently got hacked, and the steps they went through to identify and rectify the problem. Its really honest, and made a great read.
The attackers apparently got in with a third party gallery module for Joomla. Joomla! is [...]
Choosing a hosting provider
So you want to start a blog but are unsure how to go about it and many of us have been burnt making the wrong choices. So what exactly are we looking for when starting a weblog up and how can we prevent having to put an icepack on that finger after making the wrong [...]
September Top 5
We had some great posts in September, here are my top 5:
Spambam Project gets launched – Anyone who is familiar with blogging is more then likely familiar with comment spam. It is a well known fact that 93% of comments are spam! (…)
5 step failsafe upgrade for WP – Roland Rust runs http://wordpress.designpraxis.at and we [...]
