Security (more)

  • Recently, an issue arose with a remote injection attack vulnerability within one of another blog app’s import scripts. This is NOT a wordpress specific issue, but it’s worth mentioning here, because sites that are not running that blog app are seeing hits from attackers, all the same.

    Folks, probing for exploits, or potential exploits, is as illegal as successfully completing an exploit.

    Atleast in the country, I happen to live in.

    Ive provided information out of my own Apache logs for November, as well as provided ways to prevent sketchy user-agents from accessing your site within a post dated today.

    Follow my the link behind my name on the forums if you are interested,

    Please, I cannot say this enough, read your logs, educate yourself, stay informed.

Viewing 1 replies (of 1 total)
  • Thread Starter whooami

    (@whooami)

    I should add that the post is titled “how you got here in November”. I post snippits out my logs around the first of the month, usually showing some of the more interesting search engine queries. This month I took a different route since it seemed so timely.

    And honestly, before anyone suggests it, I am not trolling for hits. I harp on security constantly here but feel alot of what I say doesnt sink in enough. Maybe the more I say it, the more ppl might read it.

Viewing 1 replies (of 1 total)
  • The topic ‘Security (more)’ is closed to new replies.