Category: Security

WordCamp EU – Q&A

https://www.slideshare.net/vsmitka/wordpress-through-the-bad-guys-glasses How do I know that my PHP or Apache version is vulnerable? You can find vulnerabilities for the particular version on CVE details. You should use the lastest versions of server components, currently: Apache 2.4.39 (major version 2.2 is out of suport now)Nginx 1.16 (stable) or 1.17 (mainline)PHP 7.3.6 or 7.2.19 Also keep in … Continue reading WordCamp EU – Q&A

Python & Ruby webserver config – the great misunderstanding

Two months ago I ran a huge global scan for unintentionally exposed .git repositories. I was surprised to find many Python and Ruby applications with this issue. The total number wasn't very high - around two thousand, but when I normalized it according to the market share of these programming languages, the situation was worse … Continue reading Python & Ruby webserver config – the great misunderstanding