SlideShare a Scribd company logo

anatomy of a crash

Download as PPTX, PDF
Valerie Forrestal
Valerie Forrestal

detailing a website crash after hacking. how to secure your site against security vulnerabilities. how to recover after a crash/hacking.

TechnologyDesign
1 of 14
valerie forrestal code4libNYC 2013.10.08 the anatomy of a crash
aw, hell. that„s not supposed to do that.
step 1: check your main index file turkish escorts, anyone?
why would someone hack a library website? (it„s not personal)
step 2: send out an email i„m serious. this is a step. because you will get about a thousand emails and phone calls telling you the site is down.
step 3: put up a temp homepage
i used a free css template, but you can use a framework if you‟re feeling fancy • html5boilerplate: http://html5boilerplate.com/ • bootstrap: http://getbootstrap.com/ • foundation: http://foundation.zurb.com/
step 4: check server logs • replace any files that were recently changed (not by you) with backups • the internet tells me this will find files edited in the past 2 days: find . -mtime -2 -type f
step 5: do a clean install • if none of the above fixes work, you‟re probably going to need to reinstall your cms software • this is a problem if you‟ve made a mess of your file structure and have undocumented customizations, so, in the future…
be prepared! • set up your site so that you are able to restore it from scratch with the newest version of the software. don‟t get tied to a particular version! • some best practices…
best practices? • always keep your software up-to-date • keep your customizations modular • keep your site root organized and your subdirectories clean • have clear documentation on how to restore the site from scratch • back up your backups • minimize your use of plugins • have a simple backup site ready to go
versioning
more tips • google “secure … site” and “common … hacks” • http://www.marcofolio.net/joomla/7_tips_to _optimize_joomla_security.html • http://arstechnica.com/security/2013/02/se curing-your-website-a-tough-job-but- someones-got-to-do-it/ • Open Web Application Security Project (OWASP): https://www.owasp.org/
contact valerie forrestal web services librarian college of staten island/CUNY • vforrestal@gmail.com • vforrestal.com • @vforrestal • slides available at: slideshare.net/vforrestal

Recommended

TDD super mondays-june-2014
TDD super mondays-june-2014TDD super mondays-june-2014
TDD super mondays-june-2014Alex Kavanagh
 
How to build webapps with tools
How to build webapps with toolsHow to build webapps with tools
How to build webapps with toolsPasindu Perera
 
Webdriver.io
Webdriver.ioWebdriver.io
Webdriver.ioSteven Noble
 
Automating Software Releases (Dallas/Ft. Worth Perl Mongers 2004)
Automating Software Releases (Dallas/Ft. Worth Perl Mongers 2004)Automating Software Releases (Dallas/Ft. Worth Perl Mongers 2004)
Automating Software Releases (Dallas/Ft. Worth Perl Mongers 2004)brian d foy
 
How I got my First CVE
How I got my First CVE How I got my First CVE
How I got my First CVE nullowaspmumbai
 
How to make your functional tests really quick
How to make your functional tests really quickHow to make your functional tests really quick
How to make your functional tests really quickMikalai Alimenkou
 
Helpful Automation Techniques - Selenium Camp 2014
Helpful Automation Techniques - Selenium Camp 2014Helpful Automation Techniques - Selenium Camp 2014
Helpful Automation Techniques - Selenium Camp 2014Justin Ison
 
2016 - Fail Proof Ways to Run Beautiful Tests Regardless Of Browser Choice
2016 - Fail Proof Ways to Run Beautiful Tests Regardless Of Browser Choice2016 - Fail Proof Ways to Run Beautiful Tests Regardless Of Browser Choice
2016 - Fail Proof Ways to Run Beautiful Tests Regardless Of Browser Choicedevopsdaysaustin
 

Recommended

TDD super mondays-june-2014
TDD super mondays-june-2014TDD super mondays-june-2014
TDD super mondays-june-2014Alex Kavanagh
 
How to build webapps with tools
How to build webapps with toolsHow to build webapps with tools
How to build webapps with toolsPasindu Perera
 
Webdriver.io
Webdriver.ioWebdriver.io
Webdriver.ioSteven Noble
 
Automating Software Releases (Dallas/Ft. Worth Perl Mongers 2004)
Automating Software Releases (Dallas/Ft. Worth Perl Mongers 2004)Automating Software Releases (Dallas/Ft. Worth Perl Mongers 2004)
Automating Software Releases (Dallas/Ft. Worth Perl Mongers 2004)brian d foy
 
How I got my First CVE
How I got my First CVE How I got my First CVE
How I got my First CVE nullowaspmumbai
 
How to make your functional tests really quick
How to make your functional tests really quickHow to make your functional tests really quick
How to make your functional tests really quickMikalai Alimenkou
 
Helpful Automation Techniques - Selenium Camp 2014
Helpful Automation Techniques - Selenium Camp 2014Helpful Automation Techniques - Selenium Camp 2014
Helpful Automation Techniques - Selenium Camp 2014Justin Ison
 
2016 - Fail Proof Ways to Run Beautiful Tests Regardless Of Browser Choice
2016 - Fail Proof Ways to Run Beautiful Tests Regardless Of Browser Choice2016 - Fail Proof Ways to Run Beautiful Tests Regardless Of Browser Choice
2016 - Fail Proof Ways to Run Beautiful Tests Regardless Of Browser Choicedevopsdaysaustin
 
DCAST Meetup - Washington, DC Feb 2016
DCAST Meetup - Washington, DC Feb 2016DCAST Meetup - Washington, DC Feb 2016
DCAST Meetup - Washington, DC Feb 2016Justin Ison
 
Progressive Enhancement using WSGI
Progressive Enhancement using WSGIProgressive Enhancement using WSGI
Progressive Enhancement using WSGIMatthew Wilkes
 
Scaling Selenium
Scaling SeleniumScaling Selenium
Scaling SeleniumNoah Sussman
 
Setup web-application-testing-environment
Setup web-application-testing-environmentSetup web-application-testing-environment
Setup web-application-testing-environmentNabarun Roy
 
Selenium Israel Meetup
Selenium Israel MeetupSelenium Israel Meetup
Selenium Israel MeetupJustin Ison
 
Belfast Selenium Meetup
Belfast Selenium MeetupBelfast Selenium Meetup
Belfast Selenium MeetupJustin Ison
 
Test-Driven Sitecore
Test-Driven SitecoreTest-Driven Sitecore
Test-Driven SitecoreCaitlin Portrie
 
Architecture of automated test cases for legacy applications
Architecture of automated test cases for legacy applicationsArchitecture of automated test cases for legacy applications
Architecture of automated test cases for legacy applicationsMikhail Vasylchenko
 
Saving Time By Testing With Jest
Saving Time By Testing With JestSaving Time By Testing With Jest
Saving Time By Testing With JestBen McCormick
 
Introduction to jest
Introduction to jestIntroduction to jest
Introduction to jestpksjce
 
Azphp phpunit-jenkins
Azphp phpunit-jenkinsAzphp phpunit-jenkins
Azphp phpunit-jenkinsEric Cope
 
Hibernate, how the magic is really done
Hibernate, how the magic is really doneHibernate, how the magic is really done
Hibernate, how the magic is really doneMikalai Alimenkou
 
STAQ Development Manual (Redacted)
STAQ Development Manual (Redacted)STAQ Development Manual (Redacted)
STAQ Development Manual (Redacted)Mike Subelsky
 
Tomer Shiri - A Bug's Life - How to Avoid Production Catastrophes
Tomer Shiri - A Bug's Life - How to Avoid Production CatastrophesTomer Shiri - A Bug's Life - How to Avoid Production Catastrophes
Tomer Shiri - A Bug's Life - How to Avoid Production Catastrophestlv-ios-dev
 
2017 stuysplash-build-tools
2017 stuysplash-build-tools2017 stuysplash-build-tools
2017 stuysplash-build-toolsJeanne Boyarsky
 
How to write better tests with Test Driven Development
How to write better tests with Test Driven DevelopmentHow to write better tests with Test Driven Development
How to write better tests with Test Driven DevelopmentAlex Hoffman
 
Sauce Labs for Visual Studio Team Services & TFS
Sauce Labs for Visual Studio Team Services & TFSSauce Labs for Visual Studio Team Services & TFS
Sauce Labs for Visual Studio Team Services & TFSSauce Labs
 
Ruby Concurrency Realities
Ruby Concurrency RealitiesRuby Concurrency Realities
Ruby Concurrency RealitiesMike Subelsky
 
Selenium and Appium Training from Sauce Labs
Selenium and Appium Training from Sauce LabsSelenium and Appium Training from Sauce Labs
Selenium and Appium Training from Sauce LabsSauce Labs
 
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...JosephTesta9
 
Viewers' advisory slideshow (2011)
Viewers' advisory slideshow (2011)Viewers' advisory slideshow (2011)
Viewers' advisory slideshow (2011)Sights & Sounds Department, Enoch Pratt Free Library
 
Humayun ahmed
Humayun ahmedHumayun ahmed
Humayun ahmedStudent
 

More Related Content

What's hot

DCAST Meetup - Washington, DC Feb 2016
DCAST Meetup - Washington, DC Feb 2016DCAST Meetup - Washington, DC Feb 2016
DCAST Meetup - Washington, DC Feb 2016Justin Ison
 
Progressive Enhancement using WSGI
Progressive Enhancement using WSGIProgressive Enhancement using WSGI
Progressive Enhancement using WSGIMatthew Wilkes
 
Setup web-application-testing-environment
Setup web-application-testing-environmentSetup web-application-testing-environment
Setup web-application-testing-environmentNabarun Roy
 
Selenium Israel Meetup
Selenium Israel MeetupSelenium Israel Meetup
Selenium Israel MeetupJustin Ison
 
Belfast Selenium Meetup
Belfast Selenium MeetupBelfast Selenium Meetup
Belfast Selenium MeetupJustin Ison
 
Architecture of automated test cases for legacy applications
Architecture of automated test cases for legacy applicationsArchitecture of automated test cases for legacy applications
Architecture of automated test cases for legacy applicationsMikhail Vasylchenko
 
Saving Time By Testing With Jest
Saving Time By Testing With JestSaving Time By Testing With Jest
Saving Time By Testing With JestBen McCormick
 
Introduction to jest
Introduction to jestIntroduction to jest
Introduction to jestpksjce
 
Azphp phpunit-jenkins
Azphp phpunit-jenkinsAzphp phpunit-jenkins
Azphp phpunit-jenkinsEric Cope
 
Hibernate, how the magic is really done
Hibernate, how the magic is really doneHibernate, how the magic is really done
Hibernate, how the magic is really doneMikalai Alimenkou
 
STAQ Development Manual (Redacted)
STAQ Development Manual (Redacted)STAQ Development Manual (Redacted)
STAQ Development Manual (Redacted)Mike Subelsky
 
Tomer Shiri - A Bug's Life - How to Avoid Production Catastrophes
Tomer Shiri - A Bug's Life - How to Avoid Production CatastrophesTomer Shiri - A Bug's Life - How to Avoid Production Catastrophes
Tomer Shiri - A Bug's Life - How to Avoid Production Catastrophestlv-ios-dev
 
2017 stuysplash-build-tools
2017 stuysplash-build-tools2017 stuysplash-build-tools
2017 stuysplash-build-toolsJeanne Boyarsky
 
How to write better tests with Test Driven Development
How to write better tests with Test Driven DevelopmentHow to write better tests with Test Driven Development
How to write better tests with Test Driven DevelopmentAlex Hoffman
 
Sauce Labs for Visual Studio Team Services & TFS
Sauce Labs for Visual Studio Team Services & TFSSauce Labs for Visual Studio Team Services & TFS
Sauce Labs for Visual Studio Team Services & TFSSauce Labs
 
Ruby Concurrency Realities
Ruby Concurrency RealitiesRuby Concurrency Realities
Ruby Concurrency RealitiesMike Subelsky
 
Selenium and Appium Training from Sauce Labs
Selenium and Appium Training from Sauce LabsSelenium and Appium Training from Sauce Labs
Selenium and Appium Training from Sauce LabsSauce Labs
 
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...JosephTesta9
 

What's hot (20)

DCAST Meetup - Washington, DC Feb 2016
DCAST Meetup - Washington, DC Feb 2016DCAST Meetup - Washington, DC Feb 2016
DCAST Meetup - Washington, DC Feb 2016
 
Progressive Enhancement using WSGI
Progressive Enhancement using WSGIProgressive Enhancement using WSGI
Progressive Enhancement using WSGI
 
Scaling Selenium
Scaling SeleniumScaling Selenium
Scaling Selenium
 
Setup web-application-testing-environment
Setup web-application-testing-environmentSetup web-application-testing-environment
Setup web-application-testing-environment
 
Selenium Israel Meetup
Selenium Israel MeetupSelenium Israel Meetup
Selenium Israel Meetup
 
Belfast Selenium Meetup
Belfast Selenium MeetupBelfast Selenium Meetup
Belfast Selenium Meetup
 
Test-Driven Sitecore
Test-Driven SitecoreTest-Driven Sitecore
Test-Driven Sitecore
 
Architecture of automated test cases for legacy applications
Architecture of automated test cases for legacy applicationsArchitecture of automated test cases for legacy applications
Architecture of automated test cases for legacy applications
 
Saving Time By Testing With Jest
Saving Time By Testing With JestSaving Time By Testing With Jest
Saving Time By Testing With Jest
 
Introduction to jest
Introduction to jestIntroduction to jest
Introduction to jest
 
Azphp phpunit-jenkins
Azphp phpunit-jenkinsAzphp phpunit-jenkins
Azphp phpunit-jenkins
 
Hibernate, how the magic is really done
Hibernate, how the magic is really doneHibernate, how the magic is really done
Hibernate, how the magic is really done
 
STAQ Development Manual (Redacted)
STAQ Development Manual (Redacted)STAQ Development Manual (Redacted)
STAQ Development Manual (Redacted)
 
Tomer Shiri - A Bug's Life - How to Avoid Production Catastrophes
Tomer Shiri - A Bug's Life - How to Avoid Production CatastrophesTomer Shiri - A Bug's Life - How to Avoid Production Catastrophes
Tomer Shiri - A Bug's Life - How to Avoid Production Catastrophes
 
2017 stuysplash-build-tools
2017 stuysplash-build-tools2017 stuysplash-build-tools
2017 stuysplash-build-tools
 
How to write better tests with Test Driven Development
How to write better tests with Test Driven DevelopmentHow to write better tests with Test Driven Development
How to write better tests with Test Driven Development
 
Sauce Labs for Visual Studio Team Services & TFS
Sauce Labs for Visual Studio Team Services & TFSSauce Labs for Visual Studio Team Services & TFS
Sauce Labs for Visual Studio Team Services & TFS
 
Ruby Concurrency Realities
Ruby Concurrency RealitiesRuby Concurrency Realities
Ruby Concurrency Realities
 
Selenium and Appium Training from Sauce Labs
Selenium and Appium Training from Sauce LabsSelenium and Appium Training from Sauce Labs
Selenium and Appium Training from Sauce Labs
 
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...
 

Viewers also liked

Humayun ahmed
Humayun ahmedHumayun ahmed
Humayun ahmedStudent
 
Clinical laboratory-diagnosis-of-leptospirosis
Clinical laboratory-diagnosis-of-leptospirosisClinical laboratory-diagnosis-of-leptospirosis
Clinical laboratory-diagnosis-of-leptospirosisfateh11
 
Imprimir rep pdf
Imprimir rep pdfImprimir rep pdf
Imprimir rep pdfUNEG
 
4. nto’s 7th
4. nto’s 7th4. nto’s 7th
4. nto’s 7thTania Tefl
 
Capnocytophaga canimorsus
Capnocytophaga canimorsus Capnocytophaga canimorsus
Capnocytophaga canimorsus fateh11
 
Презентация №2.4 – «Буровой инструмент Богомолова»
Презентация №2.4 – «Буровой инструмент Богомолова»Презентация №2.4 – «Буровой инструмент Богомолова»
Презентация №2.4 – «Буровой инструмент Богомолова»Igor Golovin
 
Valvula de-controbalance
Valvula de-controbalanceValvula de-controbalance
Valvula de-controbalancesadatiel
 
Importancia de las tics en la educación
Importancia de las tics en la educaciónImportancia de las tics en la educación
Importancia de las tics en la educaciónmayrae24
 
Xcode 7 の新しいところ #cm_ios9
Xcode 7 の新しいところ #cm_ios9Xcode 7 の新しいところ #cm_ios9
Xcode 7 の新しいところ #cm_ios9Tomohiro Kumagai
 

Viewers also liked (20)

Viewers' advisory slideshow (2011)
Viewers' advisory slideshow (2011)Viewers' advisory slideshow (2011)
Viewers' advisory slideshow (2011)
 
Humayun ahmed
Humayun ahmedHumayun ahmed
Humayun ahmed
 
Obituary fys
Obituary fysObituary fys
Obituary fys
 
Guía 1
Guía 1Guía 1
Guía 1
 
Estrés
EstrésEstrés
Estrés
 
La Familia
La FamiliaLa Familia
La Familia
 
Clinical laboratory-diagnosis-of-leptospirosis
Clinical laboratory-diagnosis-of-leptospirosisClinical laboratory-diagnosis-of-leptospirosis
Clinical laboratory-diagnosis-of-leptospirosis
 
Condandlogic
CondandlogicCondandlogic
Condandlogic
 
Imprimir rep pdf
Imprimir rep pdfImprimir rep pdf
Imprimir rep pdf
 
Ficha 1
Ficha 1Ficha 1
Ficha 1
 
4. nto’s 7th
4. nto’s 7th4. nto’s 7th
4. nto’s 7th
 
Capnocytophaga canimorsus
Capnocytophaga canimorsus Capnocytophaga canimorsus
Capnocytophaga canimorsus
 
Презентация №2.4 – «Буровой инструмент Богомолова»
Презентация №2.4 – «Буровой инструмент Богомолова»Презентация №2.4 – «Буровой инструмент Богомолова»
Презентация №2.4 – «Буровой инструмент Богомолова»
 
Ecuaciones de Primer Grado
Ecuaciones de Primer GradoEcuaciones de Primer Grado
Ecuaciones de Primer Grado
 
Valvula de-controbalance
Valvula de-controbalanceValvula de-controbalance
Valvula de-controbalance
 
Tejido nervioso
Tejido nerviosoTejido nervioso
Tejido nervioso
 
Numeros Resales y Operaciones Basicas
Numeros Resales y Operaciones BasicasNumeros Resales y Operaciones Basicas
Numeros Resales y Operaciones Basicas
 
Importancia de las tics en la educación
Importancia de las tics en la educaciónImportancia de las tics en la educación
Importancia de las tics en la educación
 
Xcode 7 の新しいところ #cm_ios9
Xcode 7 の新しいところ #cm_ios9Xcode 7 の新しいところ #cm_ios9
Xcode 7 の新しいところ #cm_ios9
 
Export gel candles
Export gel candlesExport gel candles
Export gel candles
 

Similar to anatomy of a crash

WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security EssentialsAngela Bowman
 
EECI 2010: Upgrading to EE 2
EECI 2010: Upgrading to EE 2EECI 2010: Upgrading to EE 2
EECI 2010: Upgrading to EE 2ryanirelan
 
Web hacking series part 3
Web hacking series part 3Web hacking series part 3
Web hacking series part 3Aditya Kamat
 
Http to Https Get your WordPress website Compliant!
Http to Https Get your WordPress website Compliant!Http to Https Get your WordPress website Compliant!
Http to Https Get your WordPress website Compliant!Lynn Dye
 
The moment my site got hacked
The moment my site got hackedThe moment my site got hacked
The moment my site got hackedMarko Heijnen
 
WordPress Setup and Security - WordCamp, Charleston 2014
WordPress Setup and Security - WordCamp, Charleston 2014WordPress Setup and Security - WordCamp, Charleston 2014
WordPress Setup and Security - WordCamp, Charleston 2014Michael Carnell
 
Advanced Error Handling Strategies for ColdFusion
Advanced Error Handling Strategies for ColdFusion Advanced Error Handling Strategies for ColdFusion
Advanced Error Handling Strategies for ColdFusion Mary Jo Sminkey
 
Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?Michele Butcher-Jones
 
macOS Vulnerabilities Hiding in Plain Sight
macOS Vulnerabilities Hiding in Plain SightmacOS Vulnerabilities Hiding in Plain Sight
macOS Vulnerabilities Hiding in Plain SightCsaba Fitzl
 
Troubleshooting: The Two Laws - IXIASOFT User Conference 2016
Troubleshooting: The Two Laws - IXIASOFT User Conference 2016Troubleshooting: The Two Laws - IXIASOFT User Conference 2016
Troubleshooting: The Two Laws - IXIASOFT User Conference 2016IXIASOFT
 
Cross-platform logging and analytics
Cross-platform logging and analyticsCross-platform logging and analytics
Cross-platform logging and analyticsDrew Crawford
 
Modern websites in 2020 and Joomla
Modern websites in 2020 and JoomlaModern websites in 2020 and Joomla
Modern websites in 2020 and JoomlaGeorge Wilson
 
Abraham aranguren. legal and efficient web app testing without permission
Abraham aranguren. legal and efficient web app testing without permissionAbraham aranguren. legal and efficient web app testing without permission
Abraham aranguren. legal and efficient web app testing without permissionYury Chemerkin
 
Architecting Reliability and Visibility into Integrations at Airbnb
Architecting Reliability and Visibility into Integrations at Airbnb Architecting Reliability and Visibility into Integrations at Airbnb
Architecting Reliability and Visibility into Integrations at Airbnb MuleSoft
 

Similar to anatomy of a crash (20)

WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security Essentials
 
EECI 2010: Upgrading to EE 2
EECI 2010: Upgrading to EE 2EECI 2010: Upgrading to EE 2
EECI 2010: Upgrading to EE 2
 
First app
First appFirst app
First app
 
Web hacking series part 3
Web hacking series part 3Web hacking series part 3
Web hacking series part 3
 
Confidence web
Confidence webConfidence web
Confidence web
 
Http to Https Get your WordPress website Compliant!
Http to Https Get your WordPress website Compliant!Http to Https Get your WordPress website Compliant!
Http to Https Get your WordPress website Compliant!
 
The moment my site got hacked
The moment my site got hackedThe moment my site got hacked
The moment my site got hacked
 
Rails scaling
Rails scalingRails scaling
Rails scaling
 
WordPress Setup and Security - WordCamp, Charleston 2014
WordPress Setup and Security - WordCamp, Charleston 2014WordPress Setup and Security - WordCamp, Charleston 2014
WordPress Setup and Security - WordCamp, Charleston 2014
 
Advanced Error Handling Strategies for ColdFusion
Advanced Error Handling Strategies for ColdFusion Advanced Error Handling Strategies for ColdFusion
Advanced Error Handling Strategies for ColdFusion
 
Git Makes Me Angry Inside
Git Makes Me Angry InsideGit Makes Me Angry Inside
Git Makes Me Angry Inside
 
Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?
 
macOS Vulnerabilities Hiding in Plain Sight
macOS Vulnerabilities Hiding in Plain SightmacOS Vulnerabilities Hiding in Plain Sight
macOS Vulnerabilities Hiding in Plain Sight
 
Troubleshooting: The Two Laws - IXIASOFT User Conference 2016
Troubleshooting: The Two Laws - IXIASOFT User Conference 2016Troubleshooting: The Two Laws - IXIASOFT User Conference 2016
Troubleshooting: The Two Laws - IXIASOFT User Conference 2016
 
Cross-platform logging and analytics
Cross-platform logging and analyticsCross-platform logging and analytics
Cross-platform logging and analytics
 
Modern websites in 2020 and Joomla
Modern websites in 2020 and JoomlaModern websites in 2020 and Joomla
Modern websites in 2020 and Joomla
 
Abraham aranguren. legal and efficient web app testing without permission
Abraham aranguren. legal and efficient web app testing without permissionAbraham aranguren. legal and efficient web app testing without permission
Abraham aranguren. legal and efficient web app testing without permission
 
Migrating big data
Migrating big dataMigrating big data
Migrating big data
 
CSS 201
CSS 201CSS 201
CSS 201
 
Architecting Reliability and Visibility into Integrations at Airbnb
Architecting Reliability and Visibility into Integrations at Airbnb Architecting Reliability and Visibility into Integrations at Airbnb
Architecting Reliability and Visibility into Integrations at Airbnb
 

Recently uploaded

Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 

Recently uploaded (20)

Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 

anatomy of a crash

  • 2. aw, hell. that„s not supposed to do that.
  • 3. step 1: check your main index file turkish escorts, anyone?
  • 4. why would someone hack a library website? (it„s not personal)
  • 5. step 2: send out an email i„m serious. this is a step. because you will get about a thousand emails and phone calls telling you the site is down.
  • 6. step 3: put up a temp homepage
  • 7. i used a free css template, but you can use a framework if you‟re feeling fancy • html5boilerplate: http://html5boilerplate.com/ • bootstrap: http://getbootstrap.com/ • foundation: http://foundation.zurb.com/
  • 8. step 4: check server logs • replace any files that were recently changed (not by you) with backups • the internet tells me this will find files edited in the past 2 days: find . -mtime -2 -type f
  • 9. step 5: do a clean install • if none of the above fixes work, you‟re probably going to need to reinstall your cms software • this is a problem if you‟ve made a mess of your file structure and have undocumented customizations, so, in the future…
  • 10. be prepared! • set up your site so that you are able to restore it from scratch with the newest version of the software. don‟t get tied to a particular version! • some best practices…
  • 11. best practices? • always keep your software up-to-date • keep your customizations modular • keep your site root organized and your subdirectories clean • have clear documentation on how to restore the site from scratch • back up your backups • minimize your use of plugins • have a simple backup site ready to go
  • 13. more tips • google “secure … site” and “common … hacks” • http://www.marcofolio.net/joomla/7_tips_to _optimize_joomla_security.html • http://arstechnica.com/security/2013/02/se curing-your-website-a-tough-job-but- someones-got-to-do-it/ • Open Web Application Security Project (OWASP): https://www.owasp.org/
  • 14. contact valerie forrestal web services librarian college of staten island/CUNY • vforrestal@gmail.com • vforrestal.com • @vforrestal • slides available at: slideshare.net/vforrestal