October, 2004
Well, this is kinda old news, but m0n0wall 1.2b2 was released 10/24/2004. And I upgraded my firewall today.
Whats new (from the beta changelog):
* experimental OpenVPN support -> this will modify the optional interfaces configuration in your config.xml - backup first!
* Dial-On-Demand for PPPoE and PPTP on WAN
* added DHCP relay service
* ICMP type matching for filter rules
* PPTP VPN login/logout logging
For a while now my RSS aggregator wasn't reading Wordpress feeds anymore, and I didn't understand why (not that I tried to, either).
Today I got tired of it, installed Wordpress on my server, and found what was wrong: a typo. Wordpress sends a misnamed header, and the .NET runtime (upon which 90% of RSS aggregators rely on PC) has become very picky with the latest security updates, and it just plain rejects the file.
Soon after changing to WordPress a spambot visited my blog and posted a comment on all my posts. I looks like this problem is new to the WP community so I hope for a official solution soon.
Anyway, here is my try to stop it. Place the following code in .htaccess:
SetEnvIfNoCase User-Agent "^Mozilla\/4.0 \(compatible; MSIE 5.5; Windows 98; Win 9x 4.90\)" denyThis
<limit GET POST>
Order Allow,Deny
Allow from all
Deny from env=denyThis
</limit>
Todays post will be about security, again. Most fresh developers don't focus on security when they develop applications. Many of them don't eaven know what threats that are out there.
My focusing on secure PHP sessions started with a disussion on a norwegian PHP IRC channel. One of my fellow chatters stated that if a session key was disclosed, hijacking the session would be easy as pie, just create a cookie containing the key.
One of the biggest problem with shared servers and PHP (in my opinion) is how to secure your mySQL passwords.
Welcome to my new weblog. This is a fresh install of WordPress, wich I will be using from now on. I will import my old posts from the old blog. So stay tuned.
Well, I's five years since I first started looking into PHP, and one week ago I started my first project that uses
packages from the PEAR repository. Why so late? I don't know.
It's many years since I first learned about PEAR, and for about a year ago I went to a Bergen Linux
(and BSD) User Group meeting where Stig Bakken talked about Pear, where it was
then, and where it was going.
He said many promising things about Pear, and my interest grew, but not enough for me to start using it.
But when I started planning my newest project; a customer control panel for a