My memory is horrible and this weblog acts as the remedy, if you find some of the articles messy and incomplete it's because it was written for myself. However, if you find any use of it then feel free to do so. Just beware that you are using it on your own risk!

xmlrpc.php

I was seeing lots of Warnings about POST-request to xmlrpc.php in the logfiles of modSecurity for apache.

Turns out that wordpress uses the XML-RPC protocol that was created in 1998, the problem with having this enabled is that it encourages hackers to try and guess your password by making hundreds or thousands of login attempts in one single request. Continue reading “xmlrpc.php”

Minified Chroot for WordPress & Joomla with PHP FPM on Debian 9 Stretch

For months i was giving up on this project and used Debootstrap to get a 300Mb+ minbase version of debian, but…

…i finally got it working and here is the code for a chroot under 50Mb. Continue reading “Minified Chroot for WordPress & Joomla with PHP FPM on Debian 9 Stretch”