Comments for JournalXtra http://journalxtra.com The crazy little journal of something and nothing Fri, 03 Feb 2012 14:53:00 +0000 hourly 1 Comment on Top 10 Ultimate WordPress Security Plugins by Dion de Ville http://journalxtra.com/websiteadvice/wordpress/top-10-ultimate-wordpress-security-plugins-4262/comment-page-1/#comment-3774 Dion de Ville Fri, 03 Feb 2012 14:53:00 +0000 http://journalxtra.com/?p=4262#comment-3774 Ralph, I read your post about <a href="http://ralphndiaritoch.info/2012/02/making-a-stand-against-anonymous-hackers-and-wordpress/" rel="nofollow">the reasons WordPress blocked the plugin</a>. I hope the repository monitors unblock it soon because it is a very needed plugin. Whether they unblock it or not, please don't stop updating it (will need to rewrite this post if you do). I understand the reason for automatically shutting an infected site down. You are right, that it down is the best approach. Not just from an SEO perspective but also for protecting visitors. An email update would be useful or maybe a private Twitter or Facebook message sent to a site's admin user (I've only just considered those options). Will make time to write something about the plugin been blocked by WP. On the plus side, we say the WP repo gatekeepers have overreacted (and they have) but at least we know they are checking plugins for malicious content; this is something they haven't always done too well and all the more reason for WP to keep your plugin active. Do you know what would be really useful: if WP worked with you by providing you the definitions they discover. Let me know when you post your petition so I can sign it. Ralph, I read your post about the reasons WordPress blocked the plugin. I hope the repository monitors unblock it soon because it is a very needed plugin. Whether they unblock it or not, please don't stop updating it (will need to rewrite this post if you do).

I understand the reason for automatically shutting an infected site down. You are right, that it down is the best approach. Not just from an SEO perspective but also for protecting visitors. An email update would be useful or maybe a private Twitter or Facebook message sent to a site's admin user (I've only just considered those options).

Will make time to write something about the plugin been blocked by WP. On the plus side, we say the WP repo gatekeepers have overreacted (and they have) but at least we know they are checking plugins for malicious content; this is something they haven't always done too well and all the more reason for WP to keep your plugin active.

Do you know what would be really useful: if WP worked with you by providing you the definitions they discover.

Let me know when you post your petition so I can sign it.

]]> Comment on Top 10 Ultimate WordPress Security Plugins by Making a stand against Anonymous hackers and WordPress – ralphndiaritoch :: The Ritochs http://journalxtra.com/websiteadvice/wordpress/top-10-ultimate-wordpress-security-plugins-4262/comment-page-1/#comment-3773 Making a stand against Anonymous hackers and WordPress – ralphndiaritoch :: The Ritochs Fri, 03 Feb 2012 07:10:04 +0000 http://journalxtra.com/?p=4262#comment-3773 [...] http://journalxtra.com/websiteadvice/wordpress/top-10-ultimate-wordpress-security-plugins-4262/#Web_... [...] [...] http://journalxtra.com/websiteadvice/wordpress/top-10-ultimate-wordpress-security-plugins-4262/#Web_... [...]

]]> Comment on FarmVille Tips, Tricks and Cheats: Free FV Cash by Candyxx12 http://journalxtra.com/games/farmville-tips-tricks-cheats-and-free-cash-2794/comment-page-1/#comment-3772 Candyxx12 Thu, 02 Feb 2012 22:11:00 +0000 http://journalxtra.com/?p=2794#comment-3772 in step four the first 2 links did nothing for me in step four
the first 2 links did nothing for me

]]> Comment on Top 10 Ultimate WordPress Security Plugins by Ralph Ritoch http://journalxtra.com/websiteadvice/wordpress/top-10-ultimate-wordpress-security-plugins-4262/comment-page-1/#comment-3771 Ralph Ritoch Thu, 02 Feb 2012 12:45:00 +0000 http://journalxtra.com/?p=4262#comment-3771 Hello Dion. I saw your suggestions and having controls to the plugin was something I was working on but I had some problems finding any documentation on adding controls to the network admin for WordPress multi-user. In multi-user you can't have your users disabling the virus scanner. As for changing the file permissions to 444, I must be completely honest, I don't think that will work because most linux systems will allow you to rename a file that you don't have access to as long as you have write access to the directory. The shutdown is mandatory though because if Google sees a virus on your site you will get temporarily blocked by their anti-malware protections, so technically it is more there as a SEO feature. Ideally I should probably have it also send an email to the admins that the site has shut down. As for the .static files, unless you have a horrible server configuration they are not executable, and will display as text files which are harmless. Worst case you can block access to .static files via .htaccess  . The future of this plugin is unclear, the library which provides the scanner is somewhat separate from the plugin so I may simply switch to a new blogging platform and re-release the plugin for that platform, though I'll continue to at least maintain the functionality of the WordPress version as they change the functionality of WordPress. Not to support WordPress but just to help keep the internet safe. Hello Dion. I saw your suggestions and having controls to the plugin was something I was working on but I had some problems finding any documentation on adding controls to the network admin for WordPress multi-user. In multi-user you can't have your users disabling the virus scanner. As for changing the file permissions to 444, I must be completely honest, I don't think that will work because most linux systems will allow you to rename a file that you don't have access to as long as you have write access to the directory. The shutdown is mandatory though because if Google sees a virus on your site you will get temporarily blocked by their anti-malware protections, so technically it is more there as a SEO feature. Ideally I should probably have it also send an email to the admins that the site has shut down. As for the .static files, unless you have a horrible server configuration they are not executable, and will display as text files which are harmless. Worst case you can block access to .static files via .htaccess  .

The future of this plugin is unclear, the library which provides the scanner is somewhat separate from the plugin so I may simply switch to a new blogging platform and re-release the plugin for that platform, though I'll continue to at least maintain the functionality of the WordPress version as they change the functionality of WordPress. Not to support WordPress but just to help keep the internet safe.

]]> Comment on Top 10 Ultimate WordPress Security Plugins by Dion de Ville http://journalxtra.com/websiteadvice/wordpress/top-10-ultimate-wordpress-security-plugins-4262/comment-page-1/#comment-3770 Dion de Ville Thu, 02 Feb 2012 10:35:00 +0000 http://journalxtra.com/?p=4262#comment-3770 Hello Ralph, I'm sorry to learn WordPress has blocked the plugin from being hosted in its repository. Look at my write up of the plugin again. You will find a possible solution in it. Let me know if disabling executable scripts in the virus definitions directory is an issue for the plugin. It shouldn't be. Hello Ralph, I'm sorry to learn WordPress has blocked the plugin from being hosted in its repository. Look at my write up of the plugin again. You will find a possible solution in it. Let me know if disabling executable scripts in the virus definitions directory is an issue for the plugin. It shouldn't be.

]]>