Gosh, some things really shouldn’t be done!
One example is the stupid habit of “scrambling” PHP code by nesting it a zillion times using eval(), gzdeflate(), base64_encode() and str_rot13().
You find this in some “freely” available PHP scripts and in some WordPress themes as well. Nobody actually seems to care that this may well be worth considering a huge security hole!
December 15, 2010
December 15, 2010
Thinking about the security risks of obfuscated PHP code found in some freely available PHP scripts and WordPress themes, I wrote a quick’n’dirty De-Scrambler.
May 01, 2006
Protecting A Dialin Infrastructure From Spammers
Posted by: admin : Category: Security
Back in 2002, the guys at init7 developed a concept to protect anonymous dial-in from being abused by spammers.
The original concept as outlined here consists basically of three combined efforts:
#1 Redirect SMTP connections to an SMTP proxy on the core router
#2 Enforce rate limits on the SMTP proxy
#3 Temporarily reject source IPs which have exceeded their limits
Inspired by the basic concept, I started to implement it at our site.
