Author Archives: vetsin

fail2ban WordPress XMLRPC spammers

Poor SEO scripts kept spamming my WordPress install (via xmlrpc.php) and pegging my CPU. I got annoyed, so now they get banned. The configuration in jail.conf: [apache-xmlrpc] enabled = true port = http,https filter = apache-xmlrpc action = iptables[name=http, port=http, …

Posted in uncategorized

Java URL Pattern Matching Gotchas

Many security features in Java rely on endpoint pattern matching, which allows URL pattern matching bypasses if you are not careful. Additionally, Spring MVC and Spring Security together introduce a few gotchas during implementation. Security Constraint Matching The most basic …

Posted in java, webapp

Compiling iOS Libraries using Theos

If you want to compile a shared library for iOS, particularly for Mobile Substrate, here are some easy enough steps to do it all via CLI. Setup You need Theos installed, normally into /opt/theos. Follow the getting started guide http://iphonedevwiki.net/index.php/Theos/Getting_Started …

Posted in iOS, mobile