Sysadmins of the North
Share now!

Minify WP-Super-Cache HTML cache files: WPSCMin a WP-Super-Cache plugin

The WordPress WP-Super-Cache cache plugin doesn’t minify HTML cache files, which I find a disadvantage. Knowing minify libraries, I went looking for an existing solution (why reinvent the wheel?), and found one: WPSCMin. Read on …

Continue reading

Critical 0-day vulnerability in Joomla patched, update to 3.4.6 now!

The Joomla security team have just released a new version of Joomla to patch a critical remote command execution vulnerability that affects all versions from 1.5 to 3.4. This is a serious vulnerability that can be easily exploited and is already in the wild.

Continue reading

SQL Server versions list

How to Identify Your SQL Server version and edition.

Continue reading

Ponmocup – A giant hiding in the shadows

Fox-IT writes in a blogpost Ponmocup – A giant hiding in the shadows: Ponmocup, first discovered in 2006 as Vundo or Virtumonde, is one of the most successful botnets of the past decade, in terms of spread and persistence. The reasons why this botnet is considered highly interesting are that it is sophisticated, underestimated and is currently largest in size and aimed at financial gain.

Continue reading

Generate pseudo-random passwords with OpenSSL

OpenSSL comes in handy when you need to generate random passwords, for example for system accounts and services. In this short post I’ll give you a quick example on how to generate random passwords with OpenSSL in Linux (Bash), Windows and PHP…

Continue reading

Always_populate_raw_post_data setting in PHP 5.6 & Magento 2.0

Does Magento 2 throw an error about always_populate_raw_post_data being set to 0? And are you having problems installing or updating Magento with PHP 5.6 and PHP 7? Then read on, because here is how to fix upgrades to Magento 2.0 in PHP 5.6 and higher: PHP 7+.

Continue reading

10% WordPress plugins in top ~1000 is vulnerable, a PHP static code analysis shows

Marcin Probola conducted a PHP static code analysis of the top ~1000 WordPress plugins, and the results showed 103 plugins were vulnerable to at least one vulnerability type (XSS, SQL injection). This is roughly 10 percent! Marcin Probola writes that scanning results were manually verified in his spare time and delivered to official plugins@wordpress.org from 04.07.2015 to 31.08.2015. Most of reported plugins are already patched, some are not. Vulnerable and not patched plugins are already removed from official wordpress plugin repository.

Continue reading

WordPress Is the Most Attacked CMS Application

Imperva’s Web Application Attack Report shows spam is WordPress’ largest security threat. Imperva, an international cyber security company founded in 2002, published its 2015 web application attack report. The report includes a thorough analysis of attack data obtained through its Web Application Firewall (or WAF).

Continue reading

PowerShell return value, exit code, or ErrorLevel equivalent

Here is how you can verify whether an external command in PowerShell was executed successfully or not by its errorlevel. Simply by verifying PowerShell’s return value, or exit code…

Continue reading

RewriteProxy with .htaccess in IIS

Rewrite and proxy HTTP requests in IIS using a .htaccess

In my case scenario, I had to proxy requests in IIS, because a website was moved from web server A to B, and the DNS wasn’t updated yet. All HTTP requests for the moved website are handled in IIS’ Default Web Site; that’s the wildcard host, and the original host no longer existed there. We needed to match our website and proxy those requests to the new IIS web server. This can either be done using a proxy with URL Rewrite, IIS Application Request Routing (ARR), or a .htaccess file handled by Helicon Ape.

Continue reading

Get Hyper-V guest serial number with PowerShell

How to retrieve the Hyper-V virtual machine’s serial number with PowerShell? Sometimes you need to have the serial number of a Hyper-V virtual machine (VM, or guest). We, for instance, use this serial number in our automatic, unattended deployment of the guest operating system. But then you need to know how to find this serial number…

Continue reading

Feedly Saotn.org RSS feed on Android

Keep Saotn.org posts close to keep ahead.

The feedly news reader app for Android is a great way to have all Saotn.org posts available on your smartphone. Feedly news reader is basically just an RSS-feed reader that you can install on your smartphone or tablet. In just a few steps you add the Saotn.org RSS feed to your favorite newspapers, magazines and blogs.

Continue reading

How to block BaiduSpider bot User-Agent

The Baidu spider (BaiduSpider user agent) can be a real pain to block, especially since it does not respect a robots.txt as it should. The following IIS URL Rewrite snippet blocks the Baidu spider based on its User-Agent string.

Continue reading

How to optimize PHP OPcache configuration

Tune OPcache and make PHP OPcache perform even better! Now that you’ve optimized PHP realpath_cache_size, it’s time to fine-tune OPcache. With just a few tweaks you can tune PHP OPcache to make it perform much better, and here is how…

Continue reading

BIND 9.x vulnerable for remote Denial of Service through a magic packet

A vulnerability in BIND, and all it takes is just one tiny little packet…

BIND 9.x is vulnerable for a remote Denial of Service, where a tiny magic packet can cause BIND 9.x to stop and exit named with a REQUIRE assertion failure. All the attacker needs to send is a specially – and deliberately – constructed packet to exploit an error in the handling of queries for TKEY records. The vulnerability in BIND will crash and take down the BIND named daemon…

Continue reading
1 5 6 7 8 9 19
Skip to content
GMT fNrThai wXiv gmD bv DofV