Sysadmins of the North

Discuss about sysadmin, security, website or WordPress, MySQL optimization, performance, Windows Server and IIS web server

A new look & feel, less plugins and ads, a new WordPress and PHP version — 4 July 2015
My WordPress web.config — 22 June 2015
How to enable HTTP Strict-Transport-Security (HSTS) on IIS — 6 June 2015
High-risk vulnerabilities in TheCartPress leaves WordPress sites at risk — 30 April 2015

High-risk vulnerabilities in TheCartPress leaves WordPress sites at risk

TheCartPress eCommerce Shopping Cart – a popular WordPress e-commerce plugin that is actively used on over 5,000 websites – contains high-risk vulnerabilities that can be exploited to compromise customers’ data, execute arbitrary PHP code, and perform Cross-Site Scripting attacks against users of WordPress installations, claim High-Tech Bridge researchers. Users are advised to disable or remove the plugin.

Continue reading

Load Transposh Translation Filter over HTTPS — 29 April 2015
Tunnel RDP through SSH — 28 April 2015
Send authenticated email over TLS from Zen Cart — 24 April 2015

Send authenticated email over TLS from Zen Cart

Zen Cart is an open source shopping cart software. Unfortunately, Zen Cart has some difficulties sending email from a website. Here is how to let Zen Cart send email over an encrypted TLS connection, when the following condition is met: StartTLS is required. Upon investigating why Zen Cart couldn’t send authenticated SMTP over a TLS secured connection using StartTLS, I noticed two problems: …

Continue reading

Current PHP version: 7.0.0alpha2