I switched one of my web servers over to use SuPHP a few weeks ago, as it's a lot more secure. However moving from mod_php to suPHP does require a small bit of tweaking of files and directories. Under mod_php you can easily end up with a lot of files and directories being owned by the Apache user, which on Debian / Ubuntu is "www-data". You'll need to change the ownership … [Read more...] about Working With SuPHP Permissions and Ownership
security
TimThumb Updated To Version 2
Just a headsup if you're using a theme that uses TimThumb. Due to all the security issues with the plugin / script (it's a single file) the developers issued a number of updates over the last few days which culminated in the release of version 2. You should also update the file in any themes that are not active OR delete the themes, as the vulnerability is potentially … [Read more...] about TimThumb Updated To Version 2
Checking Which Ports Are Doing What On Linux
From time to time it's handy to be able to see exactly which process is using a particular port on a Linux system - especially if you're debugging issues. This command will let you see exactly what's going on - you simply change the port number: lsof -i:80 If you need the standard port numbers you can check this list … [Read more...] about Checking Which Ports Are Doing What On Linux
Fine Gael New Website Defaced
Fine Gael's new website has been defaced.Screenshot below:They were the only major political party to still host their website in Ireland up until very recently.UPDATE 2135: The Fine Gael site is now completely offline with this default holder up instead:By the sounds of things the defacement was due to bad coding. People were able to post comments including Javascript which … [Read more...] about Fine Gael New Website Defaced
Hack Eire and Irish CERT Conference
I hate paying to attend events. More often than not the organisers use the event as a "money spinner" and attendees get very little value from it. So it's nice to see that another event is taking place next month which is going to be free to attend and promises to be interesting.IRISS-CERT's Annual Conference is being held on November 19th in the D4 Berkley Court hotel. While … [Read more...] about Hack Eire and Irish CERT Conference