While the popular media have jumped on the Heartbleed Bug as if the sky were falling causing mass panic, it is actually quick and easy to fix for us CentOS users. Red Hat released a patched version of OpenSSL on 8th April and it has already filtered down to the CentOS updates repository, so all …
This morning I took the opportunity to install mod_evasive on my Apache Web Server after being hammered by zombies last night. Quote from [www.nuclearelephant.com]: mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to …
Since writing my SpamKit Plugin I have been keeping a keen eye on the comment/trackback spam subject and have guinea pig’d my ideas on my own blog. Recently I noticed a distinct change in the sophistication of comment-spammers. The early comment-spammers were using very basic HTTP clients, mostly without thinking about what’s going on ‘under …
A month has past since I made a change to my WordPress templates to experiment with Google bot (see previous post) and I can proudly report that it works like a charm. My original problem was that Google was returning search results pointing to index-style pages on my Blog instead of the post’s themselves. These …
Since moving my OpenSSH server down to its standard port number I have been hit daily by service scanning software and brute force password attacks. Gerry pointed out that sshdfilter can help. sshdfilter blocks the frequent brute force attacks on ssh daemons, it does this by directly reading the sshd logging output and generating iptables …
This is one of the main reasons I hate running SSH on the standard port numbers, every day I get log-alerts like these. As per usual I notify the originating ISP, at least I have an email template for it. Failed logins from these: invalid user abdul (password) from 203.98.XXX.XXX: 2 Time(s) invalid user abort …
In my previous post ‘Blogs are fundamentally flawed…‘ I noted an observation that more often than not search results would direct a user to an index-style page containing the post instead of directly to the ‘permalink’ location of the post. This leads to a poor user-experience from the visitor’s point of view, on busy blogs …
It may seem a little sad but I can honestly say that reading my access_log is far more interesting than any soap opera on TV; they are filled with exotic foreigners, futuristic robots, drama, intrigue and personal tragedy. The best thing about it is that it’s all real; these are (mostly) real people who stumble …
Blogs are fundamentally flawed for the typical Grandma-User Read More »
Horde is an application framework used by a web-based email client IMP I use to read my email. From the Horde site [www.horde.org]: The Horde Project is about creating high quality Open Source applications, based on PHP and the Horde Framework. The guiding principles of the Horde Project are to create solid standards-based applications using …
Having written my own WordPress logging / statistics plug-in over the weekend – which still in prototype, consider it a ‘coming soon’ – I have started to notice more and more peculiar User-Agents visiting my blog. I quite like to keep an eye on what spiders / bots visit my sites, how often they return …
‘NASA Search 1.0’ ??? Something Google should worry about ??? Read More »