Detailed Post-Mortem of a Website Hack Through WordPress & How To Protect Your WordPress Blog From Hacking

This WordPress blog was hacked for a few hours on 24th December (nice Christmas present!) from Russia. The hacker exploited several WordPress vulnerabilities in administrative scripts to gain full access to the website (as permitted to the apache user), including the ability to upload and run scripts, delete any file owned by the apache user, view files and directories, etc. This is a full disclosure of how the site was hacked and how I detected and removed the hack, along with a few comments on the state of WordPress security. I added a WordPress plugin and made modifications to prevent any such hacking attempts in future using WordPress. This is a must-read for WordPress bloggers.


Free JSP, Servlet Hosting Provider

I was a long-time user of mycgiserver.com, which is the first and only provider of free JSP hosting that I am aware of. As some of you know, it was saved at the last minute by Rick H of JavaLobby fame, who supported the continual survival and health of the company. The site was renamed MyJavaServer.com.


How ___ to develop great software: A Guide

This guide is based on years of observations after using thousands of applications, both commercial and open source. Some of the references are to Windows-based applications. However, the principles are universally applicable.
