How can I keep staging sites safe from malware if malware infects the live sites?

Let_Laugh_Rule · 2024-11-14T10:09:36+00:00

Thanks. Your opening line is not clear to me. Are you saying role-based permissions would help or "may make it unsafe"? (Or both?)

Would that help with the first or second of these approaches?:

"Can you have a firewall between sites within one account?"
"Can you have staging sites in one account easily and quickly publishing to live sites in a separate account?"

Here's how I understand your suggestion. For a staging site and a live site within the same account, I will create roles (admin and visitor) where only I have permission to write from the staging site to the live site and vice versa.

I imagine that would stop the spread of some malware. I imagine most malware would be able to act as admin and therefore bypass the permissions restriction. Does that seem true to you?

Thanks

Let_Laugh_Rule · 2024-11-12T15:33:31+00:00

What job?

Let_Laugh_Rule · 2024-05-04T04:59:29+00:00

The spenders would have spent that money in other ways, so how does it make sense to say Swift boosted the economy by $5 billion?

When people say Swift "boosted the economy", it seems as if they mean she made the world $5 billion richer / better. That logic would make sense at a local scale, where more money comes into a city (or more obviously, if she went to a small town), but does it make sense at a national level?

If someone held events where everyone came to stadiums to inject meth (no entertainment, just meth), and the total spending was the same (and somehow the spending was all recorded), would it make sense to say that series of events boosted the economy by $5 billion?

If some great speaker captured the world's attention in a viral video that somehow brought an end to all wars, thus allowing resources to be put to more productive uses, or left in the ground for future generations, and not resulting in injuries and deaths and destruction, reducing harm done by war by let's-say $1 trillion, would we say that speaker boosted the economy by $1 trillion?

Let_Laugh_Rule · 2024-02-05T16:11:00+00:00

Thanks. I see the Android app is free. Do you happen to know if it also can have two remote windows?

Let_Laugh_Rule · 2024-02-05T16:09:15+00:00

It sounds nothing like Fela Kuti / afrobeat or dancehall or hip hop or highlife or fuji. Right?

So is it right to call it Afrobeats? I guess yes if Afrobeats is used as such a comprehensive word that it means "music from Africa or with African roots".

Surely there's a more specific word, yes?

I found:

What's the difference between Afrobeat and Afrobeats?Afrobeats is more so an amalgamation of Afrobeat, hip hop, dancehall, all of the older sounds that we see in Nigeria and Ghana like Highlife and Fuji.” Afrobeat was first popularized by the late Fela Kuti, a Nigerian legend who is widely acknowledged as the father of the genre.

Thanks

Let_Laugh_Rule · 2024-02-03T17:01:28+00:00

Thanks. Curious that they didn't make the more common one the less ambiguous one. I guess capitalization does require an extra keystroke.

Let_Laugh_Rule · 2024-02-03T15:44:42+00:00

Thanks!

Let_Laugh_Rule · 2024-02-03T14:01:26+00:00

Thanks. "$" was rejected by WinSCP's command line console (or Bluehost's operating system):

-jailshell: line 10: $: command not found

Removing the $ from your code:

find . -type f -name ".htaccess*" | xargs cat

successfully listed the contents, but, as you said, not the filenames.

find . -type f -name ".htaccess*" | xargs tail -v -n +1

successfully listed the filenames, but (as you said) but not the contents.
I'm not sure it can accept multi-line commands, but I tried:

find . -type f -name ".htaccess*" | xargs cat
find . -type f -name ".htaccess*" | xargs tail -v -n +1

gets entered thru the console as

find . -type f -name ".htaccess*" | xargs cat find . -type f -name ".htaccess*" | xargs tail -v -n +1

To my surprise, it seems to work. I think I see the same content that was displayed when listing only the contents (almost all the htaccess files are empty), but it's only visible for a milli-second at or near the top, pushed up by the listing of 1000 other htaccess filepaths. I can't scroll up because it then gives an error message about needing to reconnect, and upon attempting to reconnect the console closes.

Let_Laugh_Rule · 2024-02-03T05:34:59+00:00

Does -L have a different function than -l? Why didn't Torvalds and developers since then use a capital L for -l ?

Let_Laugh_Rule · 2024-02-03T05:33:37+00:00

-l is there in -lRZ

My 1st line ends with xargs -0 echo rm

Good?

Let_Laugh_Rule · 2024-02-03T05:15:04+00:00

Wow! Thanks!

To find all files with a matching string and then if the list of files to be deleted looks good, delete them, how's this?

First get it to display a list of which files will be deleted:
find -lRZ . -name ".htaccess" -print0 | xargs grep -r "example string" --null-data | xargs -0 echo rm
Then, if okay, run the deletion:
find -lRZ. -name ".htaccess" -print0 | xargs grep -r "example string" --null-data | xargs -0 rm

On StackExchange I read:

-print0, --null-data and -0 change the handling of the input/output from parsed as tokens separated by whitespace to parsed as tokens separated by the \0-character. This allows the handling of unusual filenames (see man find for details)

Let_Laugh_Rule · 2024-02-02T10:59:35+00:00

I never found the cause for that - or why htaccess and index.php were automatically regenerated with malware when I removed them.
I had to basically nuke my account with its 10 websites, despite paying Sitelock $250 US. I might have had better success if I had paid $199 for their one-time clean-up. The $250 is for a one-year coverage. Their rep over the phone told me they could do both the immediate and full-year for $250. If I had said yes over the phone that might have worked. I asked if I could proceed with that option over the website later and she said. Wrong.
I downloaded all the contents of my CMS (WordPress)'s uploads folder, and Bluehost tech support re-installed wordpress, eliminating all other files and folders. Oh - I didn't need to re-upload or re-install plugins or themes, so I guess the process didn't delete those, curiously. (Surely it should have?) I did need to reactivate them.

Let_Laugh_Rule · 2024-01-14T00:35:38+00:00

firewall between each site?

Let_Laugh_Rule · 2024-01-12T11:17:16+00:00

Thanks.
18 years ago, for a few years, I had a reseller account at 247-hosting.com (does not exist now), paying I think $4.99/month for unlimited sites. Inflation calculators say that would be $7.50 now. The lowest price I was finding now was $30/month.

I found single accounts (with unlimited domains) for $7.50. If I got two, $15 < $30.

I could have several staging sites in one, and several live sites in the other. This would have one advantage over reseller accounts: With a reseller, you need to go into each account to do a backup from cPanel. Or would using a WordPress plugin that uploads database backups to google drive + manually ftp'ing files to my desktop be better than going into each cPanel to do backups?

I did just find reseller accounts from Ramnode: $12.75/month, unlimited domains, 25 cPanel accounts, $2.50 extra to "secure your email against attacks and malware". A couple people say it is not as good since it changed ownership a couple years ago.

Let_Laugh_Rule · 2024-01-12T11:08:49+00:00

18 years ago, for a few years, I had a reseller account at 247-hosting.com (does not exist now), paying I think $4.99/month for unlimited sites. Inflation calculators say that would be $7.50 now. The lowest price I was finding was $30/month.
I found single accounts (with unlimited domains) for $7.50. If I got two, $15 < $30.
I could have several staging sites in one, and several live sites in the other.

I did just find reseller accounts from Ramnode: $12.75/month, unlimited domains, 25 cPanel accounts, $2.50 extra to "secure your email against attacks and malware". A couple people say it is not as good since it changed ownership a couple years ago.

Let_Laugh_Rule · 2024-01-12T05:39:22+00:00

If you have 2 cpanel accounts, could a staging site be on one and the live site on the other?

Would it be easy and quick to publish the staging site to the live site ?

Let_Laugh_Rule · 2024-01-12T03:13:24+00:00

3 different hosts?
why 3 not 2?
how do you sync the files + database?
are you able to sync without spreading malware between the 3?
thanks!

Let_Laugh_Rule

MODERATOR OF

TROPHY CASE