WordPress Form and Comment Spam

As with security in general, escaping the scourge of WordPress form and content spam requires a layered approach. Here is what works. Databases and Behavioral Anti-Spam The first step is the one that nowadays works the least well. In the beginning we had Akismet, and things got better, but this is an arms race, and ... Read more

Telegram + Trello, Github, WP

Telegram is my favorite go-to chat. Unfortunately people are invested in their use of Facebook messenger, Line, Hangouts, etc., and you have to be where they are to chat with them. I have one guy who is only chatting on the apps I don't use: Facebook and WeChat. Sure, I might see a Facebook chat ... Read more

Widespread Hacking

> This is as true today than it was more than five years ago when first posted. Due to the ongoing hacking of accounts and passwords on popular web services, it is a good time to consider the following suggested security practices. If you feel you do not have the time to deal with this, ... Read more

Cloud Security

A development server recently became compromised, and while this isn't necessarily a good thing, it does raise awareness and provides impetus to strengthen security measures. Access Control A few axioms: Access control is better through certificates (what you have) than passwords (what you know) Two-factor authentication is better than both (what you have + new ... Read more