The mind is not a vessel to be filled, but a fire to be kindled.

Security

Be very, very careful when making changes to your .htaccess file. If you aren’t extremely comfortable with code test this on a development site thoroughly. Some of these options might break some sites and work on others, depending on your server configuration. WordPress creates a .htaccess file during the installation process. Anything […]

.htaccess tips to securing WordPress

March 21, 2016 in Techno Babble by Karsten Pearce

I was in the middle of setting up my developers blog again, and getting everything configured when I lost all connection to it. I contacted my hosting provider and they came back and said: “It looks like you managed to trigger a mod_security rule and get yourself blocked from the server. […]

Mod Security and WordPress

March 10, 2016 in Techno Babble by Karsten Pearce

In the past months I have had clients complain about their websites (all using SSL certificates) loading slowly. During our investigation we discovered that if we disable OCSP on their browsers, the issues goes away. So what is OCSP – it is one of two common schemes for maintaining the […]

Online Certificate Status Protocol Headaches

November 23, 2011 in Techno Babble by Karsten Pearce

I had the pleasure of spending a week trying to fix an issue with one of my sites. We have quarterly security scans on it and this last round they dinged us for not using secure and HTTPOnly cookies. Our server is using J2EE session variables. On ColdFusion 8 there […]

HTTPOnly and Secure Cookies

June 3, 2011 in Techno Babble by Karsten Pearce