The software development madness known as Code PaLOUsa happens next week, April 25th-27th, in Louisville, KY! We are proud to be an esteemed sponsor for the event again this year.
This year’s event is headlined by Richard Campbell and Carl Franklin from .NET Rocks!, and backed by 83 sessions. Topics range from in-depth explorations of Microsoft, Java, Ruby, and other platforms, to high-altitude development sessions, to role-specific sessions for analysts, testers, managers, and more.
If you still haven’t gotten your ticket, we have one left to give away here! Get in free, save the $250 for the ponies!
We have seen an influx of attacks against WordPress sites. The attack is an old method called brute force attack. The main targets are WordPress sites that still use the default administrative login “Admin.” With half of the credentials pretty much solved, the attacker repeatedly inputs a password until it finally finds the right one.
This lapse in security has been well known in the WordPress community. It has been asked by Tony Perez why WordPress themselves have not offered a stronger password restriction and require that the Admin login be changed; the response he and the WordPress community received was “it’s just not a relevant issue.”
The fix for this is fairly simple. First make sure you update the administrative credential from the default “Admin” user name to something more personal. Second step is to update the password to be more sophisticated. It is recommended that you have a minimum length of 8 characters, including letters, numbers, and special characters such as “#”, “$”, or “%”. Incorporating lower case and upper case characters in your password will also help strengthen it.
The exploit has had a substantial impact on web hosting companies like DiscountASP.NET. When a personal computer gets compromised, there is a limit in the bandwidth that computer may have, but with a web hosting company the bandwidth is almost unlimited. When a WordPress site is compromised, the hacker then uses that site to send out attacks on other servers and hosting companies.
With the nearly unlimited bandwidth at their disposal, the effects can be devastating. The owner of the account is affected as well. With high bandwidth consumption, they may be charged to pay extra for the bandwidth usage their WordPress site utilizes.
Another security measure that can be employed to mitigate this attack is to incorporating WordPress 2 step authentication. This is an optional new feature you can enable for your WordPress site. It uses the Google Authentication App.
It is a second verification input on top of the password that obtains a random generated code from Google Authentication App. This verification code is updated every 30 seconds making it impossible to guess. You may want to read more on this new security feature on this WordPress link.
Make no mistake that WordPress themselves are taking this attack seriously, and the effects have been wide spread among many hosting companies.
If you want to find out more about this wide spread attack against WordPress sites, here are a couple of links that you might find helpful:
http://ma.tt/2013/04/passwords-and-brute-force/
http://www.bbc.co.uk/news/technology-22152296
Coincidentally this attack not only targets WordPress but Joomla web applications as well. I did not research any Joomla attacks, but if you have a Joomla site and you are using it’s default administrative login “Admin”, you may want to update the login name, and provide it a more complex password just in case.
We are avid supporters of the development community and actively sponsor Code Camps, GiveCamps and developer conferences all across the country.
Sometimes even outside the country.
This May 4th brings the Ottawa IT Camp 2013. Speakers are coming from all parts of eastern Canada to the Algonquin College. If you want to attend, registration is open right up to the day of the event.
This year, the enthusiastic organizers have even made a Windows Phone app!
I know, it’s been quiet around these parts for a few weeks. It isn’t because we’ve suddenly lost interest in writing or ran out of things to talk about. That will never happen because we’re full of it. I mean, full of ideas!
It’s been a little slow on the blog front because a lot of us have been involved in preparing for a significant beta launch. “Oh yeah?” I hear you wondering, “Like what?“
Like…like I can’t tell you yet.
How’s that for anticlimax?
What I can tell you is this new project has been more than a year in the making, and it’s going to make a lot of you very, very happy, because it will make your life easier. Your development life anyway. We can’t help with the messy real-world bits. Yet, anyway.
So stay tuned. The coming weeks and months are going to be interesting.
We’ve gotten a bunch of requests through tickets and surveys, and today we are happy to announce that SQL 2012 Reporting Services is available as a new add-on option.
You can add this service through the control panel – visit the new Reporting Services 2012 section. After its activation, the Reporting Services 2012 section of the control panel will display tools to manage additional SQL Reporting Services users. Also, the Reporting Services servers are separate from customer website servers and SQL 2012 servers.
We try to keep things simple and predictable so we do not charge a per hour rate for this service. Our pricing for SQL 2012 Reporting Services is the same as our SQL 2008 Reporting Service hosting pricing - that is, $5 per month.
Enjoy!
