Search:

Type: Posts; User: brianoz

Page 1 of 40 1 2 3 4

Search: Search took 0.08 seconds.

  1. Off the top of my head, here are a few things...

    Off the top of my head, here are a few things that are fairly important:
    Backups - does the host do regular server-wide backups? So if the server dies with all files gone, they can recover? (DR)
    ...
  2. Obviously if they're hitting nonexistent script...

    Obviously if they're hitting nonexistent script paths on your server, they're scanning for vulnerabilities so, knowing that, you might want to block them before they move onto scanning for other...
  3. I'd imagine that if they don't know the new root...

    I'd imagine that if they don't know the new root password, they're using puppet or something similar to reset the root password to the original password. I'd approach them and ask whether they can...
  4. A useful tool for checking your domain setup is...

    A useful tool for checking your domain setup is good is intodns.com. Try that and see what you're missing.

    You might also try using a useful subject when asking for help, a subject like "hey guys...
  5. Essentially, it's impossible to absolutely...

    Essentially, it's impossible to absolutely prevent this. There are some things you can do to help, but bear in mind that any sane admin will know they're going to jail if they try to destroy your...
  6. This is my current list: Critical - Keep all...

    This is my current list:

    Critical - Keep all your plugins regularly updated - most compromises are through old versions, since fixed; this is your single largest point of vulnerability and is...
  7. Lots of great questions above. The only thing...

    Lots of great questions above.

    The only thing I'd add, is lots of people, when working with a new business, come up with huge fancy designs and waste a lot of money. I've heard it cited that...
  8. [FEATURED] The problem is, it's all in the support. A...

    The problem is, it's all in the support. A business operating on this model really isn't a business as such; they simply can't afford the thought, care, and software that enables a service to...
  9. This is exactly what Lastpass for teams/Lastpass...

    This is exactly what Lastpass for teams/Lastpass Enterprise does. It has groups and you can put individual users in any number of groups.
  10. It's fairly common for well-speced servers to see...

    It's fairly common for well-speced servers to see performance problems with just Apache. I had these for years on several servers, very intermittent, sometimes fixed by upgrade. The permanent fix...
  11. It's always surprised me why someone doesn't...

    It's always surprised me why someone doesn't charge a small amount of money to delist an IP; it would be a good way to fund a well-managed RBL.

    Unfortunately RBLs have often been run by the...
  12. This is a bypass of a specific device (vaguely...

    This is a bypass of a specific device (vaguely mentioned as "RSA SecurID"), not a general "2FA bypass".

    It sounds, from the very brief mention, like the specific device may have been designed...
  13. Also, as well as telling us whether the bulk of...

    Also, as well as telling us whether the bulk of the data is in the DB or the files, I'd suggest you do a trial transfer to see how long it takes and what problems you run into. Document those...
  14. Totally agree with everyone who is saying it's...

    Totally agree with everyone who is saying it's always case by case. A few thoughts that I hope I haven't missed above:

    You can disinfect with the site offline and still get full WordPress access...
  15. Like everyone else above, I'd describe this as a...

    Like everyone else above, I'd describe this as a secondary exploit. Once a hacker gets in, they will often plant multiple secondary exploits of different types in your site.

    Often, those...
  16. Of course, if a home network could ever be...

    Of course, if a home network could ever be guaranteed to be secure, you probably don't need SSL as much; but then, it's not unreasonable to say that no home network is secure. The reality is for...
  17. You've posted this on a 10 year old thread;...

    You've posted this on a 10 year old thread; probably worth starting a new thread rather than reopening one on something different from that long ago.

    It's probably from a plugin though, try using...
  18. From a system point of view, this is a bad thing...

    From a system point of view, this is a bad thing to do - why do you need to run a job every 10 seconds? It's going to slow things down, and the potential for a really bad slow down is multiplied...
  19. Replies
    2
    Views
    498

    Many of us have attachment issues. Sign. :) ...

    Many of us have attachment issues. Sign. :) :)
  20. As an additional step, it's probably worth it to...

    As an additional step, it's probably worth it to install Wordfence and use it to check all your site files. Wordfence compares against the original files so should detect anything you've missed or...
  21. As Sparek and jokus and maybe others above have...

    As Sparek and jokus and maybe others above have said, this is the weakness of multi-domain hosting in one cpanel account. That's basically why it's only recommended for very small sites (eg...
  22. Perl is useful, and allows you to do stuff that...

    Perl is useful, and allows you to do stuff that is generally possible in shell, but much harder. It's not necessary to know it really well, even being able to modify it is something.

    If you are...
  23. I think you need to start by designing a syllabus...

    I think you need to start by designing a syllabus first - which is simply a list of the key topics and subjects you need to cover. Once you have that, it should be a matter of checking topics off...
  24. You don't have to memorize ssh keys, you use an...

    You don't have to memorize ssh keys, you use an agent which then allows passwordless login where your keys are registered. When you finish for the day, you clear out the key and password.
  25. As others have said, some sort of WAF at the...

    As others have said, some sort of WAF at the server level is critical. This prevents sites getting infected in the first place. In an unprotected server, it's common after a year or two to have...
Results 1 to 25 of 1000
Page 1 of 40 1 2 3 4