Security

There’s a neat Ubuntu command which allows you to easily import your ssh public keys from Github to your server user account. 1 ssh-import-id-gh <github username> By default, it will append the fetched public key (or keys if you specify multiple accounts) to the current user’s ~/.ssh/authorized_keys file. Once you’ve run the above, you will be able to ssh to your server account using the same key you would use to push code to Github. ...

I’ve just released a new Math CAPTCHA Library for CodeIgniter, which can use plain text English words for numbers and random question phrases. It’s also supports multiple languages (as it uses the core language library) and both addition and multiplication. It’s still in the early stages so it needs to be put through its paces, but hopefully the CodeIgniter community will find this a nice alternative to the regular image CAPTCHA or simple math CAPTCHA. ...

I’ve noticed a recent influx of blog spam which seem, to some degree, relevant to the content it’s posted on. I think spammers are composing comments targeted to specific subject areas and then searching the web for content on that subject so that when they post the comment it appears at first glance to be genuine. Of course the most telling part is the totally unrelated link to men’s watches or postal degrees which seem somewhat out of place in a comment on a php web development framework. Nevertheless, if you’re not careful the comments can slip through the net and appear on your blog. The other issue which has become more of a problem lately is the spammer’s ability to evade CAPTCHA challenges. I’ve increased the level of noise and distortion for the CAPTCHA challenge on this blog but some still get through. It’s as if there is a person actually typing in a response to the challenge, in which it won’t be of much help. There are a few ways in which you can help fight, reduce and manage blog spam, because let’s face it - it’s not going to stop entirely. So let’s have a look at some quick first pointers. ...

I’ve decided to give the web service, Mollom, a try since my CAPTCHA, which I kept tweaking to the point where I nearly couldn’t read it, was letting me down. The problem with CAPTCHA is it logs how many form submissions it blocks, which is great, but this doesn’t necessarily mean SPAM submissions; it could be frustrated people not being able to post a comment on your blog. Mollom works by analysing the form submission for SPAM patterns, then determining whether it is suitable or not....

WPA2 is the latest standard in Wi-Fi security, and it’s considered fully secure (for today at least). It’s a good idea to run the highest level of security you can, even on a home network. I won’t go into the benefits, but as far as I can see there are no reasons not to move to WPA2 - you won’t even notice any difference, but your connection will be more secure. ...