Archive for the “BlogSecurity” Category

As you surely recognized from php-ids.org and BlogSecurity.net already I made a new release of WPIDS. This release fixes several problems with the usability of WordPress, further it fixes some internal bugs and WPIDs comes now with HTML Purifier.

At least one minor release is supposed to happen before entering v.2.0 of WPIDS, as some Problems were reported for the current version. The upcoming Version .2 will be completely rewritten. It will offer more granular Option settings than before, it will give you more information and a much better Documentation will take place as well.

If someone is interested into Beta Testing the latest Version feel free to contact me.

Tags: none

Tags: WPIDS

Comments 2 Comments »

Problems

I just checked my Blog today and what did I notice? At First my Template was set back to the default one, don’t know what caused that…but mostly it has the same reason as the cause of this MySQL error:
WordPress Database Error: WordPress isn’t able to create the following temporary SQL file #sql.2076.txt
or something like that was the Message. I was surprised, as well as I had no clue what the cause was. So I started a search on my Server to find some tmp folders, and luckily I found some. I changed to the /tmp dir, and there was already some #sql file in it. After I dropped the file everything was working fine again. The reason for this issue was mostly caused by the latest Server restart, maybe it was restarted after the file was created, but before the file was dropped again…At least that would it explain for me, as the file wasn’t there any more although after several visits of my website.

New WP version

Since one day there’s a new WordPress Version of the latest trunk available, the version 2.3.2 fixes a possible XSS attack, as well as several information leaks are closed. One of the biggest surprises(positive ones) is that WordPress Error messages are now only displayed if your Blog runs in WP_DEBUG mode, so it’s now by default not so easy to gain Informations about your Database structure in order to perform successful SQL Injection attacks on your Website.

So anyone who runs already WP 2.3 should upgrade to the latest release in order to have the biggest possible Protection. For everyone who uses an earlier version, should run BlogSecurity’s bs-wp-noerrors to have this feature as well.

Download WordPress 2.3.2

Tags: none
Tags: BlogSec, release, Security, Wordpress

Comments No Comments »

Some of you may be visiting my Blog, to get some Info about the status of BlogSecurity.net, as it’s now already a few days down.
But I can assure you that’s only temporary, we’re not gone and we don’t plan to disappear! We have currently only some problems with the move of the Website to a new server, and we hope that it’s fixed soon.
So stay tuned as many new things will come!
Update: The Website is back on duty, we’ve got the DNS Problems fixed(temporary) and we hope that no further problems arise.

Tags: none
Tags: BlogSecurity, down, temporary

Comments No Comments »

Bad Behavior has blocked 1269 access attempts in the last 7 days.