UPDATE on Jill’s blog. To recap, Jill’s Personal finance blog https://frugalhoney.com was suffering a denial of service (DOS) brought about by a Brute Force attack. A brute force attack is when the website is made so busy trying to serve pages that it essentially hangs.
After I backed up the
site and made it run on my laptop I went to work. Brute force can be
done in multiple ways and slowly I started to fix issue after issue. I
was careful not to overdo it because I wanted to know exactly how the
site was being attacked via trial and error. First I started to protect
Wordpress essential files and placed captchas. When that didn’t work I
stopped wp-cron.php. When that didn’t work I installed a high end plugin
that hid system pages even more and stopped certain procedures
altogether that were not essential. After that I finally cloudflared my
DNS to block and document attacks. I was working with my US host to fix
the issue and overall we traded close to 30 emails.
Continue reading “Frugalhoney.com Attacked Part III – Moved It To Blogspot”
So i’ve confirmed that Jill’s site https://frugalhoney.com is going through a brute-force attack. A brute force attack is software that does two things. 1. keep trying to guess a password and 2. tie up the login page of the website disallowing anything else. Think of yourself as a bad guy and you do not want people to call the police. While you cannot destroy the phone system you can instead keep calling the police’s phone so when anyone tries to call them they keep getting a busy signal effectively disabling it.
Continue reading “Frugalhoney.com Attacked Part II”
So jill’s Personal Finance website https://frugalhoney.com may or may not have been hacked. I say ‘may have been’ because Server logs showed classic hack signs such as brute-forcing wp-login.php and wp-admin.php, the key wordpress files to try and access the dashboard.
a site that gets only less than 200 visits a day that’s suspicious.
Most random type hacks try to access every possible file but in this
case it seemed very specific.
Continue reading “Frugalhoney.com Attacked”
Whether you are using Windows or a Apple computer, there’s a feature called Accounts. Accounts allow you to set up your computer so that another person can use it. That other person will have his own Desktop, his own wallpaper, his own Documents etc. as if it was his own computer, all protected by a different password than the main account.
Continue reading “How To Avoid Showing Girls In Bikinis On Your Presentation”
In my case I was using the Entity Auto Term module, which issued a patch fixing a known issue. The patch i’m trying to apply is https://www.drupal.org/files/issues/2018-09-28/no-duplicate-terms-2945343-5.patch and part of it looks like this:
To apply it, you have to edit your composer.json located at your website root, pictured here via Filezilla FTP:
I right click view/edit to edit it in Notepad++ here:
I will need to add the red part below. You will most likely have the green part already present, so just edit the red “patches” section to fit your needs.
"Drupal EAT fix duplicate terms": "https://www.drupal.org/files/issues/2018-09-28/no-duplicate-terms-2945343-5.patch"
Next run Composer Update, and the output should look like this:
That’s it you should be all set.
Every year small to large villages called barangays, villages or LGUs (Local Government Units) all over the Philippines issue annually renewed stickers to the public allowing entry into their villages. Tenants pay a regular fee while non – tenants are charged more for the privilege, a common practice for villages used as shortcuts for drivers to skip traffic or are home to schools or offices that non tenants need to visit.
Annual renewal is an arduous process especially for larger villages and the process is akin to car registration renewal – yet another one of the many annoying things car owners have to go through. I always thought IT could help so here’s a web based facility that may automate the process:
Sign Up and fill up a Profile
Here is the sign up process:
- Tenant or Not?
- Business or Individual?
- Full name / Company / Organization Name
- Date of Birth
- Mobile / Telephone Number
- Government ID (Driver’s License, Passport, etc.); or DTI / Mayor’s Permit
Continue reading “My Idea for LGUs: Online Village Sticker Administration”
So as a government consultant I am subscribed to the Philippine Government Electronic Procurement System (PhilGeps), and I get an email whenever the keyword ‘consultant’ pops up on any requirement. A few days ago I was quite surprised when I got this:
Continue reading “SSS Assessment & Vulnerability Testing A National Security Milestone AFAIC”
After a few years working at different government agencies I’ve come up with a few ideas. Some I thought of myself, many from discussion with consultants like myself, some seen from abroad, etc. I’ll be writing at least one per week, starting with this one:
Idea: Centralized Document Clearing House
Government agencies send hardcopy letters, memos, invitations, official papers and all sorts of documents to each other all the time. The potential for fraud is medium to high especially for example when LGUs write to ask support from government agencies and Congressmen or Senators for regional projects ie. bridges, buildings, medical facilities and all sorts of infrastructure. Continue reading “Government IT Idea: Centralized Document Clearing House”
I like this ‘jargon free contract‘ I saw recently from Boingboing.net, which I copy here:
You give me money, I’ll give you creative.
I’ll start when the check clears.
Time is money. More time is more money.
I’ll listen to you. You listen to me.
You tell me what you want, I’ll tell you what you need.
You want me to be on time, I want you to be on time.
What you use is yours, what you don’t is mine.
I can’t give you stuff I don’t own.
I’ll try not to be an ass, you should do the same.
If you want something that’s been done before, use that.
If you want your way, you have to pay.
If you don’t pay, I have final say.
Let’s create something great together.
It’s enjoyable because for the most part this boils down my own experiences as a Consultant and Freelancer and more importantly how it relates to expectations while executing work.
Continue reading “‘Jargon – Free Contract’ Boils Down What An Agreement Really Is”