On 1/1/07, Jim <arizona.anorak@gmail.com> wrote:
>
> Edward Norton wrote:
> > PLUG cracked AGAIN? Not surprising considering you guys wont consider
> > anything other than a badly coded PHP CMS.
>
> Ed,
>
> Apparently you know more about securing a site than the people who run
> it.  At least that's what your message implies.  I have an idea.  When
> it's time for the next PLUG meeting, come out of the sewer, show up at
> the meeting and offer to help secure the site.
>
> Jim,

As a matter of fact, yes, I do know more about securing websites than the
people running PLUG, so it seems.

>I have an idea.  When
>it's time for the next PLUG meeting, come out of the sewer, show up at
>the meeting and offer to help secure the site.

Hey asshole, you don't even know me. Don't get a fucking attitude. As it
happens, I HAVE BEEN TO THE
MEETINGS, and I HAVE brought up site security. Infact, I've brought it
up in the IRC channel as well,
so before you start being a little prick, know who you're talking to.

Anyways, you wan't some ideas? Ok. How about to start: get the hell away
from shared hosting. Second, invest in "hardened-php," third, look into
GRSecurity and RBAC. Fourth, strip apache down to only the needed modules.
Fifth, don't use shitty CMS's.

Hey Jim, you happy now asshole?