Posts tagged with 'security'


CSP and javascript:void(0) links

What the heck does that mean? […]

Security and web apps

One of the things I do on this site is to monitor requests that produce 404 errors. Originally it was for purely personal reasons (I use a URL shortener for many URLs I post so it was a way to check I’d got the URL-lengthening right), but very quickly it became obvious that script kiddies were the main source of 404 errors (one, two, three, etc). The one that still makes me laugh is the script kiddie trying to access a vulnerability in a long-since-fixed Telerik control on my web site (hello! I’m the CTO for DevExpress!). […]

AWS Security Headers – done, right?

So a couple of days ago, I had a free half hour, so decided to check that the open source JavaScript libraries I use in my various websites were up to date. Rather than open up the base source files and check, I decided to be hip and use Firefox’s Developer Tools console window instead, when suddenly… […]

Are you a web dev? FFS: update your libraries!

I’ve mentioned this a couple of times: I log 404 errors on this, my blogging site. A couple of valid reasons I suppose: to make sure that the content I upload is accessible, and to ensure that my URL redirections to my older blog (on a new domain) are working properly. […]

Revamped Boyet – redux

In less than a week, after almost ten years (!), the GoDaddy hosting plan I had for this site will expire. Transferring it and all its existing content to Microsoft Azure (and securing it along the way) has been a journey and a half, let me tell you, and over the past month or so – you may have noticed when stuff didn’t work – I’ve been finalizing all the tweaks I had to do. For future reference, here in no particular order were some of the last minute fine-tuning I had to do. […]

Securing boyet.com, part N: DONE!

After some time gnawing at my fingernails being properly indecisive, I finally pulled the trigger: moved this blog to Azure, and added an SSL certificate to make it secure. It’s now all done: all the internal links have been updated, the web.config has been properly modified, it works in Firefox and Chrome. In the middle of all this, I also updated my laptop (which didn’t help since Windows Live Writer can no longer be installed and is dead, dead, dead, so hello Open Live Writer, which admittedly also seems to be lying down at the bottom of the cage, feet in the air). […]

Securing boyet.com, part 2: secondboyet

Just a quick update after starting this series a couple of months ago: secondboyet.com is now secure and, even better, gets an A+ from securityheaders.com. Even, gasp, the Content Security Policy. […]

Securing boyet.com, part 1: static sites

Sounds simple, right? After all, I’ve babbled on about how to secure your web sites these past few months, both for AWS and Azure, so it should be a piece of cake for boyet.com. Right? […]

Content Security Policy is hard, and then there’s Pinterest and AddThis

Over the past month, I’ve embarked on an update of my blogging sites to make them secure. All told, I maintain three, all using GraffitiCMS as the backend: this site, 64SAINT.com, and my wife’s crafting site. […]

Impressions on the remo+ DoorCam

A couple of months ago, I read about a new security camera for your house: the remo+ DoorCam. It’s a motion-detected security camera, but waaaaaay simple to install and configure and use. We have stucco and unfinished stone on our outside walls and that makes it a pain in the neck to install security cameras and the like, and that’s even before you have to worry about the power line. I’ve even had a Ring doorbell sitting in its box for the last six to seven months, because to install it would require chipping away at some stonework – no thanks. […]

The Talented Mr Steve

So this happened… […]

Routers: the next big security hole

There I was, minding my own business, when I came across this article in ArsTechnica: “Dear Asus router user: You’ve been pwned, thanks to easily exploited flaw”. I read on avidly, because, well, I have an Asus router, an RT-N66U to be precise and the subject of this article. […]
