So my site got compromised today. Literally 5 minutes before I logged in to check some notes about WordPress Security I had written down earlier. It was pretty neat, actually.
Welp, I got it cleaned, and fixed some permissions. I’ll monitor the situation, and probably have a post about it coming around in a few weeks. I always like something neat to write about.
Without getting into too much detail, I recently wanted to see what the support was like for
static::class, and came across this SO answer that got me to thinking.
» Read more about: PHP: `get_class($this)` vs `static::class` »
If you are a web developer, in this day an age, you will at some point swim a bit in the waters of the land of AWS. It is a fertile land, with many fruit, and exciting things to do, and once there, you will eventually work some with S3. S3 is fairly straight forward in it’s basic use-cases, with
s3fs it’s basically just another drive, with the added bonus that you can share that drive across multiple systems and share files, like cached images or pages.
» Read more about: S3 (in)Sanity: When `info` doesn’t cut it. »
I was wondering, in PHP land, what is more performant? Strict Not Equals (
$var !== null) or Not Strict Equals (
!($var === null)), so I did some digging, in case anyone else was wondering the same.
» Read more about: PHP: Not Strict Equals or Strict Not Equals »
When you host a WordPress site, you should consider that you are pretty much opening a backdoor to your server. It’s not quite that simple, but, as one of the most widely-used Blogging and “CMS” platforms, it is regular target for hackers, and when you consider the vast ecosystem of 3rd party Plugins and Themes (one of the main driving points of it’s popularity), hackers have a massive surface area to attack. Because of this, it is important to do what you can to protect WordPress installations from exploit and abuse. In this post I am not going to go over securing the code that runs on WordPress, but I am going to mention two things you can do using Fail2Ban to protect against unauthorized logins, and abuse of
» Read more about: Protecting WordPress with Fail2Ban »
Yoast SEO is a very capable tool, it makes a lot of the SEO process very accessible to WordPress Administrators, but I discovered just the other day that it is a little lacking when it comes to blocking search engines from pages.
» Read more about: Blocking Search Engines, and Yoast »
If you find yourself spending a lot of time working with/on web-facing servers, you have probably heard of or used this awesome little thing called fail2ban. I am not going to get in to what it is or what it does, if you have never heard of it, you should look into it, as it is a pretty helpful tool for protecting your web-connected machines. I have been using it for some time on my AWS and personal boxes, and considered myself fairly adept at it up until the other day, when I discovered a few little tricks to slimming my jail configurations considerably.
» Read more about: Short-cutting Fail2Ban 8.1 »
So, I got a very nice call from the Fraud Detection department working with Five County Credit Union, yesterday. Turns out, I was ordering Playground Equipment, and they didn’t think that was like me…
Well, it isn’t, and it wasn’t!
That’s pretty much the whole story: Playground Equipment, and some $1 bidding service. The only other odd bit was that the transactions were authorizations, and didn’t carry a value, so I got lucky.
Anyway, the card is flagged, closed, and I am getting a new one. Both transactions happen in the span of two days, and for the life of me I can not figure out where they would have left my sight recently. So I am guessing we are going to hear about another breach soon. Either that, or they were leaked as part of the Hannaford or Target breaches over the past few years, and it was my cards turn to get used. Either way, all is right with the world.
I will say, though. I looked at the website, and it was some pretty awesome playground equipment. I wouldn’t mind having a slide like that in my back yard…
I am very excited to be the new web-host for Between the Sheets Photography, the boudoir arm of Thousand Words Photography, by Laila Valade. She is a phenomenal photographer, and I am super-excited to help and be a minor support in what she does. Currently the site is simply an “Electronic Business Card” of sorts, but we will be working on getting a more full-fledged site up shortly. You can find Laila on Facebook, at Between the Sheets Photography, and Thousand Words Photography. Cheers!
Introducing CoverThis-A-Day! As you may know, I dabble a bit in photography, and I have been decidedly lax on that dabbling as of late. Well, to celebrate my getting my server running again, I have launched a new website! HOPEFULLY, this will be the beginning of a “Photo-a-Day” thingy for me, but who really knows. I already have a few Posts scheduled, so, fingers crossed…