We recently had a new client contact us and ask if we could move their sites over to Pantheon so they could do some in-house development work. Of course we can do that for you!
The short answer: Not Vulnerable.
We've been asked by several customers about whether they or we are affected by the recently discovered Bash ShellShock vulnerability. And to the best of our knowledge, we are completely unaffected.
Everybody is writing about Heartbleed this week. The reason? It probably affects more people than any other vulnerability we've ever seen. If you ever log into any web site, anywhere, your password might be revealed -- and that is just the start. The biggest problem?
It goes something like this: (Client): I want to add a shopping cart to my site. I heard that xyz cart is free, can you add that for me? (Developer): Sure! That looks easy. (Months and a couple thousand dollars later): Okay, I think it finally works, and is all hooked up, ready to go.
If there's one thing that's constant in the web world, it's change.
Yesterday Drupal.org got hacked, and potentially all the password hashes on the site fell into malicious hands.
Sometimes bad things happen to good people. And sometimes people get in over their head and need help. At Freelock, we are here to help. If your previous web developer jumped ship and left you high and dry, don’t panic, just pick up the phone and call us for help!
Why do websites get hacked? Websites get hacked for a bunch of different reasons:
At Freelock, we're huge fans of Drupal. But we keep running into customers (or potential customers) who are terrified of it. So here's our take on why.
A question came across the Drupal Developer's list today asking whether Drupal could auto-update itself, like WordPress. As someone who thinks about security a lot, the very thought of this horrifies me.
It's a bad idea for several reasons, but the biggest reason:
That's the essence of a question I got today. And it's not one that can be answered easily, because there's no such thing as a site being "secure." It's not an either/or question, it's really a "how much" type of question. How hot is it today?
Not 2 weeks after my newsletter calling out how people take for granted that nothing bad will happen to their web sites, two of the biggest providers went down yesterday, Amazon and Akamai, in several separate incide
