Security

One-liner to mail when someone logs in as root

This is a short post describing how to automatically send an email every time someone logs in as root on a linux server. Add the following line to /root/.bash_profile if you are using bash as your default shell interpreter. Refer to /etc/passwd. (echo “Subject: ALERT: servername Root Shell Access from `who | awk ‘{print $5}’`”; […]

Read More
Linux

ufw and IP masquerading

I’ve just upgraded my home server from Ubuntu 8.10 to 9.04 and experienced that my ufw firewall (iptables) would not route traffic from my local network to the Internet. My IP masquerading was not working anymore and since I had not documented the process when I set it up I had to search the Ubuntu […]

Read More
Security

WordPress themes with eval and base64_decode lines

Lately I’ve been downloading and reading myself up on WordPress themes and stumbled upon something curious. Many themes had encrypted code/lines starting with the following code Example 1 eval(base64_decode(‘abcdefgh….’) and other variations like Example 2 eval(gzinflate(str_rot13(base64_decode(‘abcdefgh…’) This made me curious about why would someone make such an effort to obfuscate their code. Personally I would […]

Read More
Web

Enable secure / https SSL login on mediaWiki 1.13.3

This is how I’ve enabled secure SSL login through https on a mediaWiki 1.13.3 installation. This description might work on other versions of mediaWiki, but that has not been tested. mediWiki doesn’t support SSL login out of the box so a little hack has to be performed. First you need to tell the webserver, in […]

Read More