There have been some interesting exploits out and about, and often sysadmins have a lot of wordpress installs going on the one machine. This can be problematic when it comes to upgrading multiple instances.
So I posted a script up on the Rimuhosting blog that should fix this
wget http://b.ri.mu/files/wordpress-upgrade-patched.sh
sh wordpress-upgrade-patch.sh
Original Article: http://blog.rimuhosting.com/2009/08/20/wordpress-upgrade-script/
I run this on my VPS to throttle SSH connections from dictionary attacks (OR disable keyboard based auth and alow only shared keys. No key, no access!).
Configure your services properly rather than relying on a firewall to secure you against lazy configurations. This is all I use IPTables for.
/etc/network/iptables.conf
#!/bin/bash
# iptables script.
#
# These lines are here in case rules are already in place and the script is ever rerun on the fly.
# We want to remove all rules and pre-exisiting user defined chains and zero the counters
# before we implement new rules.
/sbin/iptables -F
/sbin/iptables -X
/sbin/iptables -Z
/sbin/ip6tables -F
/sbin/ip6tables -X
/sbin/ip6tables -Z
# Drop all IPv6 connections.
/sbin/ip6tables -P INPUT DROP
# Create SSH chain.
/sbin/iptables -N SSH
/sbin/iptables -A SSH -m state --state NEW -m recent --update --seconds 600 --hitcount 3 -j DROP
/sbin/iptables -A SSH -p tcp -m state --state NEW -m recent --set
/sbin/iptables -A SSH -p tcp -j ACCEPT
# Jump ssh trffic to SSH chain.
/sbin/iptables -A INPUT -p tcp --dport 22 -j SSH
I’ve been wanting to move the old debian.co.nz onto a more generic name since its more than just debian. Its about Linux.
Ive also made the move for the first time into using somebody elses software for the site rather than my own home rolled stuff, as i really just dont have the time anymore.
Greets go out to those who helped with migrating posts (you can see who they are by who posted em!).
As for more news. The debian and ubnutu repository is going, and the server is now moved offshore. Orcon refused to respond when asked for more bandwidth and 128k international wasnt enough to maintain it. Also gone is the FTP with ISO images, for the same reason.
I have no hard feelings however, I now host on a rimuhosting VPS which has excellent resources, and saves me the hassle of having to deal with hardware and upgrades (PS, I work as a sysadmin at Rimu – and its the most awesome place to work.)
My goal now is to turn the website into more of a community hub for NZ Linux people both new and old, and geeks in general. I welcome you all to post news, gadgets, your own projects, or even how you managed to install Linux on the toaster.
When you post, just post as a Draft, ill review and approve. If I notice anyone who seems particularly into it, i will happily make you an admin who can approve or help manage the website.