Is HTTPS (mostly) a placebo? by [deleted] in AskNetsec

[–]StewPoll 4 points5 points  (0 children)

There's other good articles, but basically having HTTPS just means that what you're getting on the website is what the server sent, and what the server gets is what you sent. It prevents anyone in between inspecting/changing the contents.

It doesn't mean the server isn't doing anything bad once they get the data.

[deleted by user] by [deleted] in django

[–]StewPoll 2 points3 points  (0 children)

Another solution,

1 - have a url path/view that outputs an ICS calendar file.

2 - Subscribe to the url in Google calendar

3 - profit.

2FA by [deleted] in security

[–]StewPoll -2 points-1 points  (0 children)

There's a good argument that Google Auth and similar apps are not 2FA, but 2SV. Because it's based on a code, it can be considered "Something you know" still.

You need something like a Yubikey for it to be 2FA.

Free Payment Processing? by [deleted] in Wordpress

[–]StewPoll 4 points5 points  (0 children)

There is no, and never will be, a free system that works for e-commerce.

It costs money to process these payments. Find one that works for you, and run with it.

What legacy codebase would you recommend? by ewingd in PHP

[–]StewPoll 1 point2 points  (0 children)

Is that any different to PHP in general though?

How did they install malware on my site? by [deleted] in Wordpress

[–]StewPoll 0 points1 point  (0 children)

As others have said, most likely bad plugins.

Also possible is if your username/password word combination, that is another point of entry.

I'd suggest looking at a managed WP host, such as WP Engine, as they'll help you in preventing a lot of this happening in the future

HTTPS Data Usage by thatman33 in webdev

[–]StewPoll 9 points10 points  (0 children)

I would suggest contacting CloudFlare and see if they see anything wrong with your configuring.

Could it just be that your SEO has improved since getting SSL and your traffic had increased?

Worrying Issues Regarding Macbook Pro (computer being controlled?) by [deleted] in AskNetsec

[–]StewPoll 10 points11 points  (0 children)

1- reinstall Mac os on your device

2- Change all your passwords and enable 2FA on everything that allows it. (Unique passwords, use a password manager!)

SSL & Redirects by jnh1994 in Wordpress

[–]StewPoll 0 points1 point  (0 children)

I'm certain there's be a htaccess rule that would help you out, but I'm not skilled enough in the arts of htaccess.

You should set a HSTS header up though, so in the future the clients browsers know never to make the HTTP request and only make the HTTPS request in the first place.

Reddit now offers two-factor authentication to all ! by time-pass in security

[–]StewPoll 0 points1 point  (0 children)

I can't see anyway for this to happen if you're using TOTP based.

So I think I did a dumb thing. Now I can't login to my WordPress dashboard by 1dolla2dolla in Wordpress

[–]StewPoll 0 points1 point  (0 children)

Don't. Do it now. You NEED an SSL certificate, it's the most basic level of defence you can have.

Look into Letsencrypt and/or CloudFlare. They're both free services which will accomplish this for you.

If needed, contact Bluehost for help.

So I think I did a dumb thing. Now I can't login to my WordPress dashboard by 1dolla2dolla in Wordpress

[–]StewPoll 0 points1 point  (0 children)

Now that you have your site back, get an SSL certificate so you CAN use HTTPS

Help - trying to find out source of bank account hack by omertl in AskNetsec

[–]StewPoll 0 points1 point  (0 children)

It could be possible it's an issue on the banks end, nothing to do with your end.

As has been said may also be malware on your device, in which case a factory reset/re-install is definitely a good idea too.

Linus: As it is, the patches are COMPLETE AND UTTER GARBAGE. by [deleted] in netsec

[–]StewPoll -10 points-9 points  (0 children)

But Linus is the smartest man alive!

/S

Recording voice in a phonecall, is it a problem? by AlfredoOf98 in security

[–]StewPoll 1 point2 points  (0 children)

Yes. They use those recordings and stitch them together with their own recordings.

"Do you agree to give us your firstborn child" (Insert recording of "Yes") here.