Recent Comments

WordPress SQL injection hack: watch for=> %&({${eval(base64_decode($_SERVER[HTTP_REFERER]))}}|.+)&%/

If you are running a WordPress based blog like I am and suddenly notice your post URLs have something “extra” appended (see the subject line), your blog has been hacked.

You can read more about it here (thanks, UCLABoyz, thanks schang!), where you will also find guidance regarding cleaning the problem up. Unfortunately, […]

The Internet is a weird place…

I run several websites off of my one Linux server sitting here in my house.  I try to keep it reasonably secure: it’s behind a firewall with a limited number of open ports, I try to keep my software somewhat up to date, and I install code to intercept blatant attempts to spam or […]