Archive for the ‘Security’ Category

« Older Entries

Google SSL Search Plug-In For Firefox

Sunday, May 23rd, 2010

As of today Google finally supports searching over SSL. Expectedly, you can use it via https://www.google.com/. Firefox’s built-in search capabilities still use the unencrypted search, though. To remedy this I built an OpenSearch plug-in which makes Firefox use the HTTPS-based search: Install Google Secure Search Plug-In (Read more about Google’s SSL Search here)

Tags: , , , , ,
Posted in Mozilla, Privacy, Security | No Comments »

wordpress.org Cracked, Exploit in 2.1.1 Release

Saturday, March 3rd, 2007

As pointed out on the WordPress development blog, a cracker gained access to the wordpress.org servers and replaced the 2.1.1 download with a modified exploitable version. The exploitable download may have been on the site for three or four days! It may be a good idea for the WordPress developers to sign their releases with [...]

Tags: , , ,
Posted in Security, WordPress | 2 Comments »

WordPress SSL Patch Update

Friday, January 12th, 2007

The recently released security update for WordPress introduced some changes that broke my HTTPS patch for it. I have updated the patch for WordPress 2.0.6 and 2.0.7-RC1 now: wp2-ssl.patch. Read the complete SSL setup guide here: Securing WordPress 2 Admin Access With SSL Regarding WordPress security, please note that there still is a possible exploit [...]

Posted in Config, Linux, Security, WordPress | No Comments »

Chrooting Recent MySQL Versions on Debian and Ubuntu

Saturday, December 30th, 2006

I’ve posted a recipe for chrooting MySQL on Debian sarge a while ago. These instructions no longer work out of the box for newer MySQL packages from Debian and Ubuntu. The main problem is that the startup script added a few extra checks and script invocations that don’t understand the chroot environment. So here’s an [...]

Posted in Debian, Linux, Security, Ubuntu | 18 Comments »

Securing WordPress 2 Admin Access With SSL

Sunday, January 22nd, 2006

A few people have asked for an updated version of my Securing WordPress Admin Access With SSL guide. So here is an updated version for WordPress 2! The situation has not changed much since WordPress 1.5: WordPress 2.0 still does not support HTTPS access to the admin area when the rest of the blog is [...]

Posted in Config, Debian, Linux, Security, WordPress | 32 Comments »

« Older Entries