Mostly Harmless

Mostly about my amusement

Tag

security

WordPress Is About Responsibility

Your WordPress site (or any web site you put on the Internet) has value. Take care of it, it is your front yard and what the neighbors see. It’s your front office where you invite people to talk or do… Continue Reading →

Tin Foil Hat Gravatars

Sometimes I do overthink things. I wrote a plugin to protect Gravatar image URLs.

Yes, but how does Matt really feel?

It reads a little like a rant, but you really can’t blame him. I’m not even going to link any of the articles because they have so many inaccuracies you become stupider by reading them. If you’re a web host… Continue Reading →

Village Idiot wants to punish the Newark Scare guy

Here we go. “He’s really an unwelcome guest,” Lautenberg told The Record of Bergen County. “He should be returned to his homeland.” via Controversy swirls over graduate student who breached security at Newark Airport | New Jersey Real-Time News –… Continue Reading →

Woo, they got the Newark Scare Guy

Nice to see Senator Lautenberg still goes for the sound bite. Is he up for re-election? “This was a terrible deed in its outcome — it wasn’t some prank that didn’t do any harm — it did a lot of… Continue Reading →

Get your red hot WordPress 2.8.6

WordPress 2.8.6 is out and it’s a security release so update now. I’m expecting the usual complaints on the support forum but so far it’s been pretty sedate. I’ve been using WordPress since version 1.5.2 and I’ve never had a… Continue Reading →

DNS excitement! Panic at the office!

Well not really panic, just your usual vulnerability patching day at the office. When I saw Dan Kaminsky demonstrate voice over DNS, I was convinced that he dreams in BIND source code.  It was a neat demonstration. Now he has… Continue Reading →

WordPress file monitoring

Over a week ago I complained about WordPress users crying security wolf and not being able to recover their blog when the “Bad Thing(tm)” happens. Since then a real brawl developed on the support forum that could be summed up… Continue Reading →

Sigh, WordPress users and hacking

If you are not running the latest version of WordPress and you get hacked, don’t go to the WordPress forum and tell the world.  Odds are you invited the disaster yourself. When WordPress 2.5 came out I was disappointed to… Continue Reading →

.htaccess to prevent wp-pass.php redirects

See the BUGTRAQ explanation here. By passing arguments to wp-pass.php, the wp-pass.php file will send the requesting browser to the URL that wp_http_refferer points to. By using a simple script the WordPress installation is easily verified as susceptible.

© 2019 Mostly Harmless — Powered by WordPress

Theme by Anders NorenUp ↑