D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Apache security flaw - my website cracked

 
On 19/07/06, Theo Zourzouvillys <theo@xxxxxxxxxxxxxxxx> wrote:
On Wednesday 19 July 2006 13:09, Ben Goodger wrote:
> And how can it be prevented?

by using microsoft software? :-)

seriously though, going back to our previous discussion, and rubbing it in a
bit, this is an example of what i mean. If it was a microsoft product, we'd
have 50 posts saying MY GOD MICROSOFT ARE LAME! USE OPEN SOURCE SOFTWARE!!!
MICRO$OFT SUXORS!!!

the solution is to keep softeware up to date.  On any platform.  and make sure
you use software that is still maintained by the vendor.

PS: Wordpress has had a fairly bad security history iirc. infact, most PHP
applications have a bad security history, because the sort of people who
*generally* write PHP code generally don't know the concepts of security.

EERK.

Sorry Theo, this point is null and void: the site wasn't compromised.
It was the ISP's DNS server.

God, these people are shits... They go for the people who have no idea and hence will give in. Reminds me of the other hapless idiot who tried to force me to shut this site down, and also got me suspended from school under the Computer Misuse Act, without me using a computer.

--
Ben Goodger
#391382
---------------------

Mi admiras religiajn; ili estas fine ebliĝinta solvi la maljunegan demandon "kiel oni povas vivi sencerbe?". 
-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html