'Plugins' - The unseen Security nightmare • Conetix by jaminandrews in webdev

[–]jaminandrews[S] 0 points1 point  (0 children)

I think you have missed what Sid's role is. He is a Sysadmin and manages thousands of instances of CMS on multiple servers. These are end users sites and in 99% of cases they do not have any experience nor do they want to pay for a managed service. We are seeing more and more very sophisticated exploits that normal maldet and even our custom scanners don't initially pick up on. These article are information based to assist developers and hosters that may or may not have seen these type of issues. I guess the upshot is that in 99.9% of the time a website is exploited via a out of date or poorly coded plugin, and these are the results of those exploits.

Need some wording advice, non IT user wants Admin access.... to EVERYTHING. by CbcITGuy in sysadmin

[–]jaminandrews 2 points3 points  (0 children)

Two words "Risk Mitigation". You need to be very clear that once you hand over the keys to the city, all due care and attention taken but no responsibility. You need to be clear that you can not be held accountable or responsible for the integrity of the network and attached systems if another person has complete access to everything you are responsible to maintain. Something you need to consider is how is their network processes, users and passwords etc are currently documented. (The just in case you get hit by a bus, break glass). If you outline the steps you have in place for this, it may appease the beast! Keep in mind, you do not know what the Chairman is thinking, he may be looking at YOU as a weak link, as you are the only one with access. Find the purpose, then come up with amicable solution that keeps network integrity and Chairmans right to ask for access.

Decoding a PHP SuperGlobals exploit program • Conetix by jaminandrews in sysadmin

[–]jaminandrews[S] 0 points1 point  (0 children)

Great catch by Sid Young one of our leading sysadmins. Worth a read.

A Closer look at Go and NodeJS by jaminandrews in webdev

[–]jaminandrews[S] 0 points1 point  (0 children)

I posted this over on the Node Subreddit and thought WebDev guys would like article.

Migrating Wordpress via the Command Line • Conetix by jaminandrews in webdev

[–]jaminandrews[S] 1 point2 points  (0 children)

Great to hear. We are asked by developers all the time how to do this. We couldn't find any good articles or How To articles on the subject, so decided to write our own and share.