If you are like me, you want to make sure that the software you run is as secure as possible. My partners and I even subscribe to several third-party services that actually scan our servers looking for exploits that could be taken advantage of by hackers or script kiddies. Since one of the most frequent CMS solutions we use is WordPress, this plugin caught my attention. The WordPress Exploit Scanner is a plugin that searches the … [Read more...]
UNIX System Monitoring
Matt Critcher recently posted a review of Monit on his blog. We have been trying it out as a monitoring solution on our servers at Pleth. I get the impression from Matt’s post that he likes the software pretty well; I know he’s not a big fan of any kind of bloated software. I checked Monit’s website this morning and was very impressed to see that they also have a free iPhone application that will allow you to track your systems from … [Read more...]
Ruby on Rails Vulnerability
So apparently there was an XSS vulnerability patched yesterday in Ruby on Rails that affected Twitter and Basecamp. The spin that a lot of people are trying to put on this story is that IE8 was immune to the cross-site scripting vulnerability, but I think that the focus should be put on the fact that Ruby, while powerful and extremely popular, is still somewhat new and things like this are just going to happen until it matures. A cross-site … [Read more...]
Thoughts on Hacked Facebook Accounts & Security
This morning I noticed that a few of my friends had their Facebook accounts compromised over the weekend. Granted, this is not uncommon, and for the most part your friends will understand, but it’s still a nuisance. As a result of this weekend’s breakout, I had a couple of people ask me to do a blog post on Facebook security since social media consulting is one of my areas of expertise, so here goes. If you have any questions, please feel free … [Read more...]
Locking Down Authentication Inside PHPRunner
One of the biggest challenges you face when building hosted applications is how to prevent brute force or guessed password authentications, especially given the number of warez-type applications that are out there that allow unsavory users to do just that. Well, I found a resource on Xlinesoft’s website that demonstrates how to block a user after three unsuccessful attempts to log in to your application. This schema uses visitors I … [Read more...]
