Archive for apache

how to use mod_rewrite to counter TrackBack spam-bot

This blog (www.supportsmb.com) received a bunch of spam comments recently. The commenter’s URL looks normal. When you click on the URL, however, it redirects to a search engine to query for ‘sex’. To counter comment spam, I initially tried to install the secureimage plugin and had trouble forcing it to behave. This stream of spam is different, since it is by trackback.

When it first started, I changed the URL to some neutral URL such as www.google.com. Once I realized that the commenter’s name itself is tainted & loaded as well, I ended up deleting them or marking them as spam. This routine got old really quick. I took a look at the web server log and found a common pattern for these spam comments.

how to secure wordpress server : PHP secure configuration (part II)

In part I of this article, we discussed how to secure a wordpress server by applying secure PHP configurations, such as switching on safe_mode and switching off expose_php, enable_dl, and allow_url_fopen. This time we’ll cover more secure PHP configurations.

“internal dummy connection” is a legit USER-AGENT for Apache 2.2

When I did a graceful restart of Apache, the web server component of this wordpress server, I noticed a bunch of unusual access_log entries (see below). They were all “GET /” requests using the HTTP/1.0 protocol, with “Apache (internal dummy connection)” as the USER-AGENT. I’ve administered Apache servers since the 1.3 series and had never seen such entries before, not even from the latest 2.0.52 series on CentOS Linux 4. I checked the source code of Apache 2.2.3-5 and found that the requests are actually legit.

Gmail new spam filter blocked notification emails from wordpress server

Yesterday I noticed a new comment added to an older post on the Blix theme bug in sidebar.php, when I navigated down dashboard/Manage/Post/edit to update the live journal of this wordpress blog server. The comment was left a day ago and I don’t recall receiving a notification for it. In the past, I received email alerts for comments added to posts on this server and others. Surprised as I was, I checked around. It turned out Gmail now decides notification emails from this wordpress server are spam emails and promptly drops them into the SPAM filter.

the live journal of a wordpress blog server

This post, as a live journal, will document the journey of this self-hosted wordpress blog server: how it gets created, maintained, altered, upgraded, and secured. The live diary will cover the whole spectrum of a wordpress blog server, or as a business-savvy person would put it, the blog’s “ecosystem”: the hardware, networking (DNS, routing, firewall), operating system, Apache, PHP, MySQL, wordpress blog server software, security, themes and plug-ins, Google AdSense, backup and restore, disaster recovery, performance boosters, etc.
