[wp-forums] thread to watch

James Huff macmanx at gmail.com
Mon Sep 13 18:00:30 UTC 2010 

[sarcasm] Look out Otto, he's after you next! [/sarcasm]

:)

Is it wrong that this is actually entertaining? Like Clayton, I too am interested in his lack of success.

________
James Huff
http://www.macmanx.com
http://weblogtoolscollection.com

On Sep 13, 2010, at 10:44 AM, Otto <otto at ottodestruct.com> wrote:

> I will grant him that the wp-config is the easiest and most common way
> to inject code and to hack a WP site, but that assumes you already
> have access to the server's files, in which case you're already in.
> Renaming the wp-config would only stop automated tools, and even then
> it would be trivial for the tools to adjust.
> 
> Educating him on permissions might be a better route to take.
> wp-config should be set to 440 on normal one-site setups, or 400 on
> shared hosting setups using any form of setuid handling (such as suPHP
> or similar). This will prevent most routes of automated attack from
> working.
> 
> -Otto
> 
> 
> 
> On Mon, Sep 13, 2010 at 12:39 PM,  <ipstenu at ipstenu.org> wrote:
>> My Magic 8 ball says 'He's an idiot'
>> 
>> This is the same guy who asked 'What's an API?' when that's something
>> clearly documented in the plugin page:
>> http://wordpress.org/support/topic/wordpresscom-stats-plugin-give-me-error
>> 
>> He also JUST started using WP 4 months ago:
>> http://wordpress.org/support/topic/errors-in-instalation
>> 
>> If he's a hacker, I'll eat my socks.
>> 
>> Quoting James Huff <macmanx at gmail.com>:
>> 
>>> Thanks, Rich! I'll keep an eye on it.
>>> 
>>> ________
>>> James Huff
>>> http://www.macmanx.com
>>> http://weblogtoolscollection.com
>>> 
>>> On Sep 13, 2010, at 9:17 AM, Rich Pedley <elfin at elfden.co.uk> wrote:
>>> 
>>>> I don't know how serious this guy is, but it may be worthwhile  keeping
>>>> an eye on him just in case he is able to do what he says  (hah).
>>>> 
>>>> 
>>>> http://wordpress.org/support/topic/i-dont-need-help-but-i-have-questions?replies=18#post-1688473
>>>> 
>>>> I know esmi has already replied, but you may want to keep an eye on it.
>>>> 
>>>> Rich
>>>> _______________________________________________
>>>> wp-forums mailing list
>>>> wp-forums at lists.automattic.com
>>>> http://lists.automattic.com/mailman/listinfo/wp-forums
>>> 
>>> _______________________________________________
>>> wp-forums mailing list
>>> wp-forums at lists.automattic.com
>>> http://lists.automattic.com/mailman/listinfo/wp-forums
>>> 
>> 
>> 
>> 
>> _______________________________________________
>> wp-forums mailing list
>> wp-forums at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-forums
>> 
> _______________________________________________
> wp-forums mailing list
> wp-forums at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-forums

More information about the wp-forums mailing list