Archive for January 14th, 2010
I’m back to updating web server, not that anyone cares..
by zitstif on Jan.14, 2010, under Posts
Yet again, I’m back to having copious amounts of free time, so being the ‘Trying-to-be-productive’ person that I am, thought I would get back to updating my web server.
I’ve converted over to WordPress due to the simplicity and not having to deal with html or php. Not that I don’t mind doing that, it’s just that I would rather quickly update this without the fuss. Though for more serious modifications to the layout and design, I will edit the appropriate files with good ol’ vi.
I had some serious reservations before converting over to WordPress. One prime example that I clearly remember from last year is:
http://wordpress.org/development/2009/08/2-8-4-security-release/
Other considerations would be the requirements for running WordPress. You need wordpress itself (really?), apache, php, and mysql.
Oh yeah, doesn’t that look familiar to anyone of you computer geeks out there? LAMP. 🙂
You can also use Microsoft IIS or lighttpd.
Visit here to find out the requirements:Â http://wordpress.org/about/requirements/
Also the WordPress administration page’s default authentication is over http which is clear text. So if I’m not careful and working on my website in a nefarious/untrusted network I could have my website defaced or better yet, have a php proxy installed without my knowing.
One way to mend this issue is by using ssh and tunneling:
ssh -D 1234 blabla@zitstif.no-ip.org
After doing this, I open my browser of choice and hope that it supports SOCKS under the proxy settings. Good ol’ loopback, you won’t judge me. 🙂
You can achieve the same results with putty , if you’re a Windows user. If you would like to know how to, Â check out:
http://oldsite.precedence.co.uk/nc/putty.html
One caveat to consider, is that even though your http / https traffic will be encrypted over the tunnel, your DNS queries will still be viewable to anyone running a sniffer on the network.
I digress… anyways..
Before I simply just ran Apache and had a pretty static web page. By the way if you want to see my crappy old lay out feel free to visit:
http://zitstif.no-ip.org/oldcrap/
I will make a link to this as a reminder to myself of things I need to do better.
When I feel motivated and paranoid enough, I’m going to scrutinize over the source code for my website. As for now though, I’m not too concerned. By no means am I a high level target of any sort. I’m just some random person blogging to try to feel important, but realizing that I’m merely talking to myself.
More updates soon to come, along with tools that may or may not be useful to you!