[AusNOG] Borrowed addresses, data retention, court orders

Karl Kloppenborg karl at hyperconnect.com.au
Tue Jan 31 14:12:19 EST 2017


Amen.

My 2c (from a person who has written and contributed to the WordPress
codebase).

WordPress itself is excellent, I’ve never had a problem with it (nor have I
had one compromised) and you shouldn’t either if you adhere to their
recommendations and guides.
The right security installation: Suhosin, Nginx, FPM, Fail2Ban and CXS
alongside a review of each plugin that goes into your install and you’ll be
set for life.
Oh, and make sure your permissions are correct, yeah?

Seriously however, anyone who is blaming the WordPress codebase (read: the
platform, without any modules) doesn’t understand it well enough and is
actually inadvertently dismissing one of the best open source codebases
(well reviewed, well established and even better code compliance) out
there, it’s an excellent system. period.

The problem directly stems from people running software they shouldn’t be
running, modules being developed in the open community by people with great
ideas, not great coding strengths. (rubbish as Chad Kelly said.)

And unfortunately this problem is not a localised issue just in the
WordPress ecosystem but also in any codebase of well-used open source
software for the general masses. (i.e. CakePHP, Joomla, Magento).

—karl.

On 31 January 2017 at 1:12:32 pm, Chad Kelly (chad at cpkws.com.au) wrote:

This is the main issue with WordPress, and other similar systems, it's not
the core platform that's the issue, it is the first-time developers and the
rubbish ones that don't know how to write code properly, so you end up with
bloated websites with security issues, and a bunch of people who think
those broken plugins are awesome, as they don't know about the security
issues so they go and install them.
This is why any decent managed hosting provider won't allow customers to
install random plugins into systems such as WordPress.
Regards Chad.

On 1/30/2017 11:55 PM, Paul Wilkins wrote:

Pretty sure most everyone is aware that security is easier said than done.
When someone with the resources of Google can be hacked, it's not lack of
knowledge that's the problem. It's that the industry is generally in denial
as to how bad the situation is, and business process steamrollers over the
cracks. Business development sells the customer a service, project managers
push timeframes for a solution on time and under budget, and everyone knows
any hack will be down the track, and be someone else's problem. The problem
is failure to build security integral to IT systems, and that's not really
possible with an internet that's been built on an open architecture. Every
month I'm wondering who will be the high profile hack this month and this
will probably continue without a fundamental rethink of how security is
integrated and end to end delivered.

Kind regards

Paul Wilkins

On 30 January 2017 at 23:04, Nathan Brookfield <
Nathan.Brookfield at simtronic.com.au> wrote:

> After Macquarie Media apparently had 2GB.com and 4BC.com hacked this
> morning, also on WordPress it seems there is a big lack of knowledge on
> this stuff out there.
>
>
> Kindest Regards,
>
> Nathan Brookfield (VK2NAB)
>
>
> ------------------------------
> *From:* Chad Kelly <chad at cpkws.com.au>
> *Sent:* Monday, 30 January 2017 10:44 PM
> *To:* Nathan Brookfield
> *Cc:* ausnog at lists.ausnog.net
> *Subject:* Re: [AusNOG] Borrowed addresses, data retention, court orders
>
>
> I should have provided the following link with my previous post but
> Sucuri.net offer a paid service for cleaning malware and they offer a
> free scan for websites as well.
> https://sitecheck.sucuri.net/results/theispguy.com
> It looks like a bit of a mess.
>
> Regards Chad.
>
> On 1/30/2017 6:48 PM, Nathan Brookfield wrote:
> > Schooled!
> >
> > Nathan Brookfield
> > Chief Executive Officer
> >
> > Simtronic Technologies Pty Ltd
> > http://www.simtronic.com.au
> >
> > On 30 Jan 2017, at 18:45, Chad Kelly <chad at cpkws.com.au> wrote:
> >
> >> On 1/30/2017 10:34 AM, ausnog-request at lists.ausnog.net wrote:
> >> Apparently so... screw WordPress... bloody nightmare to manage.
> > Not if you have the right tools in place.
> >
> > Generally nowadays you can automate the security updates for WordPress
> > so you don't even need to think about it.
> >
> > Plus you should be using other security measures such as Mod_security
> > and things like Fail2Ban.
> >
> > https://modsecurity.org/about.html
> >
> > and fail2ban.org
> >
> > Those two tools alone with decent configs will nuke anything that tries
> > to hack in.
> >
> > For extra security on top of that you can use CXS, which will scan for
> > things like scripts containing malware and quarantine them so that if
> > something does manage to get in it doesn't affect your online presence.
> >
> > https://configserver.com/cp/cxs.html I've been using the Config Server
> > tools for years now.
> >
> > With those tools and Mod_security configured properly you don't need the
> > extra security plugins for WordPress specifically.
> >
> >
> > When I checked a few hours ago the ISP Guy site was still infected and
> > was redirecting to another site.
> >
> > Regards Chad.
> >
> >
> >
>
>
> --
> Chad Kelly
> Manager
> CPK Web Services
> web www.cpkws.com.au
> phone 03 9013 4853
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>


--
Chad Kelly
Manager
CPK Web Services
web www.cpkws.com.au
phone 03 9013 4853
