News
 Vandals and Crooks - Brooksville, Florida - Duplicate-Bridge |
|
|
| Pat Clark | ||||||
| Friday, July 03, 2009 | ||||||
|
Some of you may wonder why I bother to require usernames and passwords. In the last month or so, there have been four [five as of 7/7/09] attempts to break into The Daily Recap. Any time the user can enter text in the site, the potential exists that malicious users can enter special text that can circumvent the built-in protection against it. By restricting the entry of comments to registered users, who we trust, that route of trouble-making is blocked. The comment system is perhaps the most vulnerable software. You may remember the second comment system I had installed. One of the reasons I had to get rid of it was that a vandal found a vulnerability. He or she tried to damage the site, but I caught on quickly and stopped it. Another tried to get into my home machine through the "Report to Administrator" function by crafting a message with special characteristics. This didn't work either, but just to be safe, I disabled the Report to Administrator function. You know who I am -- if you need to report something, just report it. This week, two guys tried to register to see if they would get approved, and thus gain access to the comment system, I presume. One was from Zimbabwe and one from China. [Now one from Russia 7/7/09] Naturally, their registration was approved -- with full administrative rights. :)
Only registered users can write comments.
Powered by !JoomlaComment 3.26
3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved." |
||||||
| < Prev | Next > |
|---|