Hi Willi,

> On Jul 5, 2024, at 2:44 PM, Wilhelm Spiegl via Freedos-devel 
> <freedos-devel@lists.sourceforge.net> wrote:
> 
> Nevertheless it is strange to have the second attack within a few months 
> (mail). I just tested it, you do not come into mailing list if you use an 
> unknown mail address.

Unfortunately, having a website can be a non-stop security battle with 
malicious actors. 

To my understanding, many times the cycle generally goes like this.

A security vulnerability is discovered in the content management system.
A patch for the issue is created and applied.
Bad guys see the patch and figure out an exploit. 
Bad guys use the exploit against sites to spam, attach and insert malware. 
Hours, days, weeks later (or even never), the website maintainer notices there 
is a patch.
Website maintainer finds the time to make sure the patch won’t break their site.
Eventually, maintainer applies the patch.

Sometimes the bad guys are the ones who discover the problem, sometimes it is a 
do-gooder. This also occurs with software and operating systems in general. The 
more popular the product, the more effort those bad guys exert to exploit it 
before the patch has been deployed. Many times they can be exploiting a 
vulnerability within minutes of it being discovered. A couple of days is an 
eternity on the internet. 

So when you are running your own version of a CMS like MediaWiki, WordPress, 
Drupal, etc., you really need to constantly monitor and apply those security 
patches immediately. Although some CMS can update themselves automatically, 
this is not always the best option either. 

It can be a “full time job” just running any CMS securely. As a general rule, 
it is usually much safer to not run one yourself and just let a reliable 
provider host the CMS for your site. They should be applying any security 
patches immediately and reducing any window of vulnerability. 

Running my own servers, you would be amazed by how often they are probed for the 
vulnerabilities of those popular CMS. It is almost non-stop and my sites are 
small and unpopular by comparison. I don’t run any of those CMS. My servers 
either use custom code or my own CMS software. 

I put a lot of time and effort into the security aspects of my CMS and 
servers in general. Things like a “honeypot” system that will immediately ban 
IP addresses that are looking for a different CMS that has never existed on my 
server. And much, much more.

But, I’m not perfect and there is most likely a security hole somewhere in my 
personal CMS. But, they are not the same as the big CMS and just not worth a 
bad guy's effort to find them. On top of that, most of my sites are just running 
custom code and a bad actor cannot log in or post things to them. But, even 
those have to have measures to prevent them from using specially crafted 
requests to the server to produce undesired results. 

All in all, it is a great deal of work running a server. 

:-)

Jerome







_______________________________________________
Freedos-devel mailing list
Freedos-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freedos-devel
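
The honeypot idea mentioned in the message above (ban any address that asks for a CMS the server has never run), sketched as an added example that is not part of the original message and not the poster's own code. The decoy path list, the allowlisted network, the combined log format and the sample log lines are all assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote

# Assumption: none of these CMSs has ever been installed on this server,
# so any request for their well-known paths is a probe, not a lost visitor.
DECOY_RE = re.compile(r"/(wp-login\.php|wp-admin|xmlrpc\.php|administrator|mw-config)(/|$)")
# Assumption: networks that must never be banned (admin VPN, monitoring).
ALLOWLIST = [ipaddress.ip_network("192.0.2.0/28")]
# Common/combined log format: client - user [time] "METHOD target proto" status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+)[^"]*" \d{3} ')

def normalise(target):
    """Drop the query string, percent-decode, lower-case, collapse '//'."""
    path = unquote(target.split("?", 1)[0]).lower()
    return re.sub(r"/{2,}", "/", path)

def find_probes(lines):
    """Return {client_ip: first decoy path it asked for}."""
    bans = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                      # malformed or truncated entry
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue                      # hostname instead of an address
        if any(ip in net for net in ALLOWLIST):
            continue                      # never ban our own addresses
        path = normalise(m.group(2))
        if DECOY_RE.search(path):
            bans.setdefault(str(ip), path)
    return bans

# Constructed sample log lines (documentation address ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [05/Jul/2024:14:01:02 +0000] "GET /index.html HTTP/1.1" 200 5120',
    '198.51.100.23 - - [05/Jul/2024:14:01:09 +0000] "GET /WP-Login.php HTTP/1.1" 404 162',
    '198.51.100.23 - - [05/Jul/2024:14:01:10 +0000] "POST /xmlrpc.php HTTP/1.1" 404 162',
    '203.0.113.99 - - [05/Jul/2024:14:02:00 +0000] "GET /blog//wp%2Dadmin/setup-config.php?step=1 HTTP/1.1" 404 162',
    '192.0.2.5 - - [05/Jul/2024:14:03:00 +0000] "GET /administrator/ HTTP/1.1" 404 162',
    '203.0.113.7 - - [05/Jul/2024:14:04:00 +0000] "GET /docs/administrator-guide.html HTTP/1.1" 200 900',
    'garbage line that is not a log entry',
]

if __name__ == "__main__":
    for ip, path in find_probes(SAMPLE_LOG).items():
        print(f"ban {ip}  # requested {path}")
```

The returned addresses would be handed to whatever does the blocking (a firewall set, fail2ban, a reverse-proxy deny list); that step is left out because it is site-specific.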
