Lately I’ve been noticing that my WordPress has been getting hacked constantly (this site is run on WP). Even if I update it, there seems to be some backdoor that gets executed every month.

So recently I took a few extra moments to take a look at these attacks. On the surface these attacks are not sophisticated, they mostly target un-updated WP installations and install malicious payloads that has a signature similar to:
eval(base64decode(123413j234lk1j23adfa ...

Originally i started to write some scripts to remove signatures like this, but it seemed easier to re-use other’s code. I recently stumbled upon this:
Exploit Scanner
basically what this plugin does is it matches the current install with the vanilla version of WordPress and tells you if there are any differences – a very good way to detect modification of php code.

the hashes exist here:
Hashes

The other thing i do is that I track all my wordpress installs with git
everytime I install a plugin / update WordPress – i update my git with a commit, so if any of the WordPress installs get attacked, I can run:
git reset --hard HEAD to revert any changes made to the files and at the very least put me on a good baseline for cleanup

1&1 actually does some nice security scanning now. They detect attacks and then automatically lock the file so that it cant be executed on the web. In order to fix this – i usually do a:
chmod -R 777 * on the WordPress directory so git will have the right permissions to remove/delete files

Gatekeeper

there are times when your organization/company locks down your computer and you have to install software. Here is how to gain access to install software.

Obviously you will need to have root access. Most of the time, if you are configured as an administrator on the Mac, you will be able to gain root.

1. Open up Terminal
2. Run this command $ sudo spctl –master-disable

spctl is the Mac’s SecAssessment System Policy Security.

What we are doing is Disabling the assessment subsystem altogether. Operations that would be denied by system policy will be allowed to proceed; assessment APIs always report success. Requires root access.

see:

Lately I’ve been trying to run some load scripts that basically take data from mySQL and convert them to a Redis Luke Protocol. Part of the reason why I wrote it in Java was because the cached object needed to be Java serialized.

I ran into some issues while running some tests. It seems that my Eclipse memory heap was not big enough. Here are steps to increasing it.

1. Open Eclipse
2. Eclipse > Preferences > Java > Installed JREs

installedJre

3. Select the current JRE
4. Select “Edit”
5. Modify the default JVM properties to something like:
-Xms512M -Xmx1024M

editJre

When attempting to use php micro frameworks on 1and1, the key is having the correct .htaccess file

if should look like this:
Options +FollowSymLinks -MultiViews

AddType x-mapp-php6 .php
AddHandler x-mapp-php6 .php

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]

If you are having concurrency issues as a result of high loads, something to check if the JVM is complaining about:

java.lang.OutOfMemoryError : unable to create new native Thread

$ ps -eLF| grep -c java
$ ulimit -u

When you hear the words IE 8 or any derivative, you shudder at the thought of having to hack away at nice standards compliant code to get it to work. Unfortunately in an enterprise setting, you can’t just ignore the IE users. Microsoft has in-grained themselves in the big enterprises and IE is one of those staple products that you must support.

Today we (some other colleagues) learned that IE 8 running on Citrix, Windows Server 2003, does not like minified javascript. We had instances of it crashing/disconnecting the browser/session when attempting to invoke it inside an ExtJs application. Basically the ExtJs application has a hidden tab, that hits a standalone site, the standalone site contains uglify compressed code, whether its a processing limitation or a strictly IE behavior, we are unsure. we just know that if we don’t minify the code, it no longer crashes.

So beware of minify/compress on javascript if you wish to support IE 8. Also, if you are using grunt or uglify, make sure to turn on es3:true.

This lil hack really helps when using Git cli. Basically the script will auto-detect if you are in a git repository, display the current branch as well as different colors depending on the status.

You will need to put this in your .bash_profile (these are Mac OS X specific instructions, not sure how to do it on a Windows box, on a *nix box- you should be able to use .bashrc)


source ~/.git-completion.sh
source ~/.git-prompt.sh

GIT_PS1_SHOWDIRTYSTATE=1
GIT_PS1_SHOWCOLORHINTS=1
PROMPT_COMMAND='__git_ps1 "\u@\h:\w" "\\\$ "'

You will need to copy git-completion.bash to .git-completion.sh and git-prompt.sh to .git-prompt.sh in your home directory.

You can get it here

I was building stuff for production when I noticed that Coda, screws up javascript. Especially when typing things such as (c) it replaces it with a ©, which makes it difficult to troubleshoot. I’m switching over to TextMate.

so lately Apple has been blocking the java plugin, this is due to some of those crazy java exploits out there. but for those that NEED to have Safari work with the java plugin, here is a little hack that fixes that.

Apple writes out to a file in:
/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist

to block minimum java plugin versions. I attempted to use the one provided by Oracle, but still had issues, so to temporary hack is to change the version.

here is a script that does that (must run as sudo):

#!/bin/bash

echo "default is java version: 1.7.11.22"

JPLUGIN_VERSION="1.7.11.22"
JPLUGIN_NEW_VERSION="1.7.11.1"

if [ -n "$1" ]; then
JPLUGIN_VERSION="$1"
fi

echo "search for: $JPLUGIN_VERSION"

#cd /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources
cp XProtect.meta.plist XProtect.meta.plist.bak
sed 's/$JPLUGIN_VERSION/$JPLUGIN_NEW_VERSION/g' XProtect.meta.plist.bak > XProtect.meta.plist

echo "modified to: $JPLUGIN_NEW_VERSION"

download here:
java_version.sh

usage:

$ sudo ./java_version.sh


$ sudo ./java_version.sh 1.7.11.22