We stopped using Really Static after upgrading to WordPress 3. However I have re installed it and it is working with WordPress 3.2
We switched back because Alexa said it was taking 2.3 seconds to load a page and sometimes it would even take longer than that. I could tell that web pages were loading faster immediately! Everything seems much faster with Really Static! I will post some graphs as soon as Google updates their web stats to reflect the change in caching programs.
Thursday, September 29, 2011
Wednesday, September 21, 2011
More WordPress attacks, some sort of CSS attack?
Notice below that Wordpress is in four of the top 10 Vulnerabilities that are currently under attack!
Note below that there is some sort of CSS attack going on against WordPress sites. I do not know what the CSS vulnerability is that they are trying to exploit. I wonder if going to a plug-in like "Really Static" would be advisable as it hides the Wordpress installation and serves normal HTML files instead?
Note below that there is some sort of CSS attack going on against WordPress sites. I do not know what the CSS vulnerability is that they are trying to exploit. I wonder if going to a plug-in like "Really Static" would be advisable as it hides the Wordpress installation and serves normal HTML files instead?
Tuesday, September 20, 2011
More webmaster attacks
Monday morning I was greeted with about 80 emails from webmaster to myself. I was excited to see what I had written to myself! Needless to say it was all spam!
I made a few changes in Cpanel and they have all gone away. I decided to set it so that company email can only come from our companies IP address. So then here is my number 2 change that I will make when I become "web security czar", you should NEVER allow email to be sent without first logging in! Number 1 would be to BAN JAVA!
I made a few changes in Cpanel and they have all gone away. I decided to set it so that company email can only come from our companies IP address. So then here is my number 2 change that I will make when I become "web security czar", you should NEVER allow email to be sent without first logging in! Number 1 would be to BAN JAVA!
Wednesday, September 14, 2011
More Wordpress Attacks going on! Using TimThumb vulnerability
They are really going after the TimThumb vulnerability. There were over 80 attempts to hack one site using the vulnerability this month! I wrote my own version last year, and this year I discovered that TimThumb was still installed so I deleted it as we are not using it.
Here is another strange "insert strange data" attack going on. It looks like a long string of garbage but I am sure it means something to someone?
Now I am thinking of not using WordPress or using a "static" version of WordPress to avoid all vulnerabilities. The biggest problem with totally static web pages is that the search function would not work, it has to have a dynamic response. You can use Google site search to get about the same results.
Here is another strange "insert strange data" attack going on. It looks like a long string of garbage but I am sure it means something to someone?
Now I am thinking of not using WordPress or using a "static" version of WordPress to avoid all vulnerabilities. The biggest problem with totally static web pages is that the search function would not work, it has to have a dynamic response. You can use Google site search to get about the same results.
GoDaddy versus HostGator as a web hosting company
Recently I set up a web site on GoDaddy. After using Hostgator and similar cPanel web hosting services, I have to say that GoDaddy is much more difficult to navigate and set up. I can create a web site and email accounts on HostGator in my sleep.
GoDaddy requires that you navigate through many screens to do almost anything, with HostGator you can do almost anything you want right from the Control Panel. This picture is the top 2/3's of the Control panel.
GoDaddy requires that you navigate through many screens to do almost anything, with HostGator you can do almost anything you want right from the Control Panel. This picture is the top 2/3's of the Control panel.
Tuesday, September 13, 2011
Why are we loosing our Kids?
Why our kids are leaving the church:
1. We tell them Santa is for real
2. We tell them the Easter Bunny is for real
3. We tell them the Tooth Fairy is for real
4. Then we try to tell them God is for real?
We should tell them:
1. Santa died 1200 years ago and Christmas is to celebrate the birth of Christ.
The wise men brought the first gifts.
2. Easter is to celebrate the Resurrection of Christ.
3. The tooth fairy is to convince them to remove loose teeth.
4. That a bolt of lighting hitting a mud puddle produces life is a Really Big fairy tale.
1. We tell them Santa is for real
2. We tell them the Easter Bunny is for real
3. We tell them the Tooth Fairy is for real
4. Then we try to tell them God is for real?
We should tell them:
1. Santa died 1200 years ago and Christmas is to celebrate the birth of Christ.
The wise men brought the first gifts.
2. Easter is to celebrate the Resurrection of Christ.
3. The tooth fairy is to convince them to remove loose teeth.
4. That a bolt of lighting hitting a mud puddle produces life is a Really Big fairy tale.
Friday, September 9, 2011
Another triple inbound Solar Storm!
There is another triple inbound Solar Storm! Just like last month. Some suspect that this solar storm has something to do with the California power outage. This image below is from the POES satellite as seen at electricquakes.com.
This impact started on Friday September 9, and there are some readings that are very unusual. The picture below is the solar wind over the last seven days.
This impact started on Friday September 9, and there are some readings that are very unusual. The picture below is the solar wind over the last seven days.
Wednesday, September 7, 2011
America's Got Talent TV show Idea
I have an idea for America's Got Talent. Take several of my devices and fire them all off at once, with some music in the background. Here is what my setup might look like.
The first thing I am going to make is a double headed Tesla coil. I have two 2 foot by 4 inch coil forms for the secondary. My old "big coil" used a three inch pipe. Here is a picture showing the new forms compared to the old ones.
I have made a new top load with 4 inch flexible duct glued to an aluminum pie plate.
Then I will make my washer launcher into a double headed model to launch two washers in rapid sequence. I may add LED's to the washers to make them look like UFO's as they fly through the air. Here is a picture of me making the new flat coil for the launcher.
Next in my vertical can crusher. I have two 15uf at 5KV capacitors to add to it, they will replace the Defibrillator capacitor, they are 4 times the size of the defibrillator capacitor. Its going to be hard to fit them in the case!
Also new is the idea of adding some soda can launchers. They will use some 3 inch PVC pipes to fit the soda cans.
The first thing I am going to make is a double headed Tesla coil. I have two 2 foot by 4 inch coil forms for the secondary. My old "big coil" used a three inch pipe. Here is a picture showing the new forms compared to the old ones.
I have made a new top load with 4 inch flexible duct glued to an aluminum pie plate.
Then I will make my washer launcher into a double headed model to launch two washers in rapid sequence. I may add LED's to the washers to make them look like UFO's as they fly through the air. Here is a picture of me making the new flat coil for the launcher.
Next in my vertical can crusher. I have two 15uf at 5KV capacitors to add to it, they will replace the Defibrillator capacitor, they are 4 times the size of the defibrillator capacitor. Its going to be hard to fit them in the case!
Also new is the idea of adding some soda can launchers. They will use some 3 inch PVC pipes to fit the soda cans.
Thursday, September 1, 2011
More WordPress Hacking / Attacks going on
They are at it again, trying to hack Wordpress. Notice that there were over 5,327 log in attempts to 38 successes. We are using LoginLockDown, but its logs show nothing, even when I went into the SQL database. I am not sure why it does not do a better job of tracking the bogus log in attempts?
Here they are trying to guess the theme and then inject a line of code. Note the addition of "/wp-content/themes/theme name/temp/lots of garbage".
Here they are trying to guess the theme and then inject a line of code. Note the addition of "/wp-content/themes/theme name/temp/lots of garbage".