Internet: page 5
I recently had a server go offline, taking with it the DNS for my main email domain. I had long suspected this would be a major potential problem in the setup. When the server went down the DNS settings where not backed up by the hosting company so all of a sudden people emailing me started to encounter bounce backs and I could not work out why. Then it dawned on me that when the server died something must have gone missing. Read more โ
I have been looking through my hosts logs of late and I have noticed an ever increasing amount of referrer spam. Now whilst this is of no real concern to me as I do not use referrer logs or display them anywhere it is however really quite annoying to see this type of thing in your logs. Apparently its not a new scam even though I have only started see it from the beginning of this year. Read more โ
Form SPAM (not "HAM") fighting tips
A site that I have up called Alfa Romeo Sprint QV has recently been the target of malicious spammers and/or their robots. The messages mainly consisted of porn and poker sites. Now the script used to generate the Your Sprints section of the site was written a long time ago when spamming forms and blogs was not a common occurrence and my site had a relative small readership and no Google rank or anything like that. Read more โ
I have been asked numerous times in the past how I create this effect in some forum signatures so now I am releasing the code so you can see. It could equally be used as a background image in CSS (like the photo of the excavator above) so you could have a circulating series of background or in this case header images. I am sure you can think of many other neat uses for this script. Read more โ
I have been setting up a mail server of which smtp is an integral part. I could access it through my old net connection at home and I can through work but I am currently staying somewhere with Optus Cable. They block port 25! I called their tech support to confirm, he did say it was possible to have to port re-opened for this individual connection. But I am not the account holder. Read more โ
During a recent project I ended up using ADODB and found it very effective. Especially the wrapper it places around PHPs sessions, it stores them in the DB instead of in the temp directory, which can be less secure. It also handles encryption of the session variables contents, but only using MD5 originally and I prefer to use SHA1. So I hacked the following to allow me to do so and I contributed it to ADODB. Read more โ
A very nice article: Keeping SSH access secure I use the following in /etc/ssh/sshd_config: AllowUsers username PermitRootLogin no Which kills root login access to the server meaning you will need to login as the username provided in AllowUsers and then su to root (eg. su root) or sudo the commands if you have sudo setup (apt-get install sudo). You may also wish to change the port through which SSH occurs by adding: Read more โ
A great little addition to all Apache server installations. Install it via: apt-get install libapache2-mod-security Then create a symbolic link so that the mod is enabled: ln -s /etc/apache2/mods-available/mod-security.load mod-security.load Setup the config for the module in /etc/apache2/httpd.conf Mine looks like the file attached at the end of the article. Then kick over Apache2: /etc/init.d/apache2 restart You can now run the tests to see how well mod security is working for you: Read more โ
Some hints and tips for producing secure PHP code. Some tips are gems others are less so. http://securephp.damonkohler.com/ Read more โ
For a project I am working on at the moment we are using the CamTech Merchant Gateway. A handy note to all is that it will not function on anything but Java 1.4.x. Java 5 does not work. Read more โ