Teaching, rebuking, correcting & training in righteous web design.
Sarah Palin got trashed the other day. Well, actually, an in-tact draft of her speaking contract with California State University got tossed in the trash resulting in some potentially embarrassing details.
The take-away from this incident is not political, but rather it reminds us of some rather some good old fashion security precautions we need to take when dealing with other people’s data.
As once again the TSA reminds us that Christmas Snow Globes a threat to National Security, I thought it might be a good time to talk about the wide-World of bad-guys and some simple things you can do to guard your site from a potentially explosive situation.
I believe it was the slam of a large piece of plywood falling 2 some-odd stories onto other lumber that rudely awoke me at 7:40 AM this Thanksgiving morning. An no, I couldn’t go back to sleep as the hum of a noisy air compressor placed precisely next to the property line driving the pneumatic [...]
Imagine waking up one day to this news flash: “Your pastor’s private e-mail hacked, family photos raided; cesspool blog gloats; feds investigate!” The hack of Sarah Palin’s email account via Yahoo’s password recovery system serves as a wake-up call that screams that no matter how strong a password you use – if you have weak password recovery questions – you’re open for an attack.
Just as good fences make good neighbors, strong passwords make secure users. Put another way, if your pastor is using his first name as a login, and his last name as a password, it won’t be long before your website and/or email system begins spewing spam for various online services not usually associated with a [...]
Want to get hacked? It’s easy, just ‘chmod 777′ everything the next time you install a bbs or photo gallery application. Don’t want to get hacked? Read on and ‘find’ how hackers see, and exploit the unsecured areas of your system.
Spambots and spiders that ignore robots exclusion file can kill your site both in bandwidth and by potentially exposing information you don’t want ‘harvested.’ With that in mind, here is a quick-n-dirty guide to blocking spambots and rogue search engine spiders by using .htaccess. First the essential example codeblock, followed by a working example:
With more church webmasters taking advantage of free, one-click installs provided by inexpensive web hosting solutions, I figure it is time to provide a quick tutorial on how to harvest useful operational, user and security information the error logs using a variety of commands already at your disposal – free.
