I needed some simple PHP MySQL CRUD and found www.phpscaffold.com. Perfect!
Oracle tried to buy MySQL. Sun bought MySQL. Oracle buys Sun.
MySQL will become Cinderella with the ugly stepmother Oracle mistreating her.
I’ve been running gld for more than two months now and it is truly efficient. The current statistics say:
# of entries in the database : 16077
# of one hit entries in the database : 15100
Oldest entry in database : 65 days ago
This means that almost 94% of the attempts to send mail through my server are only made once!
Unfortunately Facebook and Google Mail do not play well with greylisting, as attempts that are told "Service temporarily unavailable, please try later" by greylisting are very likely to be retried from a different IP. I’ve made a little script that scans /var/log/mail.log for such mail servers and adds them to the gld whitelist table.
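A sketch of such a scan, added here as an example and not the script mentioned above: it groups greylisting rejects by sender and recipient and reports the client IPs of pairs that were retried from more than one address. The log lines are constructed, the regex assumes the usual Postfix smtpd reject format, and the function names are hypothetical; it lists connecting IPs rather than sender domains because the envelope sender can be forged, and writing the result to the gld whitelist table is left out.

```python
import re
from collections import defaultdict

# Constructed sample lines in the usual Postfix smtpd reject format (assumed;
# adjust the regex if your mail.log differs). IPs are documentation ranges.
SAMPLE_LOG = """\
Mar  3 10:00:01 mx postfix/smtpd[811]: NOQUEUE: reject: RCPT from mail-a.example.net[192.0.2.10]: 450 4.7.1 <me@example.org>: Recipient address rejected: Service temporarily unavailable, please try later; from=<alice@example.net> to=<me@example.org> proto=ESMTP helo=<mail-a.example.net>
Mar  3 10:09:31 mx postfix/smtpd[840]: NOQUEUE: reject: RCPT from mail-b.example.net[192.0.2.11]: 450 4.7.1 <me@example.org>: Recipient address rejected: Service temporarily unavailable, please try later; from=<alice@example.net> to=<me@example.org> proto=ESMTP helo=<mail-b.example.net>
Mar  3 10:12:00 mx postfix/smtpd[851]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 450 4.7.1 <me@example.org>: Recipient address rejected: Service temporarily unavailable, please try later; from=<offer@example.com> to=<me@example.org> proto=SMTP helo=<pc>
Mar  3 10:20:00 mx postfix/smtpd[860]: NOQUEUE: reject: RCPT from mx.example.net[203.0.113.5]: 450 4.7.1 <me@example.org>: Recipient address rejected: Service temporarily unavailable, please try later; from=<bob@example.net> to=<me@example.org> proto=ESMTP helo=<mx.example.net>
Mar  3 10:21:00 mx postfix/smtpd[861]: NOQUEUE: reject: RCPT from mx.example.net[203.0.113.5]: 450 4.7.1 <me@example.org>: Recipient address rejected: Service temporarily unavailable, please try later; from=<bob@example.net> to=<me@example.org> proto=ESMTP helo=<mx.example.net>
Mar  3 10:09:30 mx postfix/smtpd[840]: connect from mail-b.example.net[192.0.2.11]
"""

# Matches only rejects that carry the greylisting text quoted in the post.
REJECT = re.compile(
    r"reject: RCPT from (?P<host>[^\[\s]+)\[(?P<ip>[0-9a-fA-F.:]+)\]: 45\d .*"
    r"Service temporarily unavailable, please try later; "
    r"from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)>"
)

def multi_ip_senders(lines, min_ips=2):
    """Return {(sender, rcpt): {ip: host}} for pairs greylisted from >= min_ips IPs."""
    seen = defaultdict(dict)
    for line in lines:
        m = REJECT.search(line)
        if m:
            pair = (m["sender"].lower(), m["rcpt"].lower())
            seen[pair][m["ip"]] = m["host"]
    return {pair: ips for pair, ips in seen.items() if len(ips) >= min_ips}

def whitelist_candidates(lines, min_ips=2):
    """Sorted (ip, host) tuples to review by hand before whitelisting."""
    found = set()
    for ips in multi_ip_senders(lines, min_ips).values():
        found.update(ips.items())
    return sorted(found)

if __name__ == "__main__":
    for ip, host in whitelist_candidates(SAMPLE_LOG.splitlines()):
        print(ip, host)
```

A single-attempt sender and a sender that retries from the same IP are both left out; only the pair seen from two different addresses is reported.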
When I got to work and viewed this blog I noticed that Sidebar Widgets was disabled. I thought "That’s weird!"
When I tried to login to the administration interface I was told that my WordPress database needed upgrading. I thought "That’s weird!"
Some further investigation revealed that someone managed to upload a PHP script called ro8kfbsmag.txt (MD5 sum df3b74cd38c717d9d7bbf0cd1910baa1) to my /tmp directory. It starts like this:
/*Magic Include Shell by Mag icq 884888*/
//TODO: ñëèòü ôàéëî íà ñâîé ôòï (!)
This gave me enough information to start googling. A must-read is Detailed Post-Mortem of a Website Hack Through WordPress & How To Protect Your WordPress Blog From Hacking, as it describes a very similar attack. There is also a support thread at wordpress.org: Weird and Dangerous : ro8kfbsmag.txt.
The attack vector on my server looked like this, originating from 18.104.22.168 with HTTP/1.0 as protocol version and "Opera" as User-Agent. I wish I logged POST data!
Needless to say, I have restored a backup and taken certain precautions to prevent this from happening again.
As a follow-up to my post about MySQL support for UTF-8 in PHP, here is the very same information for Ruby on Rails. In Rails it is a simple configuration entry in config/database.yml. I use the development configuration as an example:
development:
  adapter: mysql
  database: dev
  username: dev
  password: secret
  socket: /var/run/mysqld/mysqld.sock
  encoding: UTF8
UTF-8 is obviously configured with the encoding setting. Don’t forget to update the test and production databases too!
Originally published in Swedish in my Folkmun.se Blog, a handy tip to make sure that you are reading and writing UTF-8 when connecting to a MySQL database:
mysql_query("SET NAMES utf8");
mysql_query("SET CHARACTER SET utf8");