On 1/1/07, Jim <arizona.anorak@gmail.com> wrote:
Edward Norton wrote:
> PLUG cracked AGAIN? Not surprising considering you guys wont consider
> anything other than a badly coded PHP CMS.
Ed,
Apparently you know more about securing a site than the people who run
it. At least that's what your message implies. I have an idea. When
it's time for the next PLUG meeting, come out of the sewer, show up at
the meeting and offer to help secure the site.
Jim,
As a matter of fact, yes, I do know more about securing websites than the people running PLUG, so it seems.
>I have an idea. When
>it's time for the next PLUG meeting, come out of the sewer, show up at
>the meeting and offer to help secure the site.
Hey asshole, you don't even know me. Don't get a fucking attitude. As it happens, I HAVE BEEN TO THE MEETINGS, and I HAVE brought up site security. Infact, I've brought it up in the IRC channel as well,
so before you start being a little prick, know who you're talking to.
Anyways, you wan't some ideas? Ok. How about to start: get the hell away from shared hosting. Second, invest in "hardened-php," third, look into GRSecurity and RBAC. Fourth, strip apache down to only the needed modules. Fifth, don't use shitty CMS's.
Hey Jim, you happy now asshole?