So I was minding my own business while connected to my VPN service when I noticed several blocked outbound network connections appearing in my firewall log. For some reason my wifi adapter (wlp3s0) was trying to connect directly to the internet without having traffic routed through my VPN interface (tun0). Was this my reward for not reviewing AUR PKGBUILD files, or was there another explanation as to why wlp3s0 wanted to disclose my real IP address?
There has been a long and tedious debate among slackers over whether the distribution should stick with KDE4 or move to Plasma 5. According to Slackware’s KDE maintainer Eric Hameleers, a decision has been made and Slackware 15.0 will ship Plasma 5.
So today I’ve experienced a more significant than usual attack against WordPress installations hosted on one of our company servers. So far I’ve blocked more than
17000 21000 unique IP addresses, but the attackers seem to have an endless supply and they’re not slowing down. Note: This article was updated on January 27, 2018.
I recently added support for the HTTP/2 protocol on this server and I am really pleased with the additional performance gains. This VPS was already running a functional LAMP stack, so the following steps describe the necessary configuration changes for my setup which relies on Apache with PHP-FPM.
Now that I’ve been running this blog on Gentoo Linux for a while, I’ve discovered a few new potential gotchas when failing to pay attention while interacting with Portage. The latest addition to my list was nearly removing my running PHP installation with
Having a strict content Content Security Policy (CSP) can be a useful addition for your website security. However, when running a content management system (CMS) like WordPress, you’re often forced to make a few a undesired compromises.
I’ve received a few hundred requests originating from bots setting site.ru as their referrer. These attacks are scanning for compromised WordPress installations and PHP based shells and backdoors. The attacking IP’s belong to compromised hosts and websites from service providers around the world.