Skip to content

Commit 6200071

Browse files
kswanskswans
committed
Update tale2.html
1 parent 14b5d6f commit 6200071

File tree

1 file changed

+5
-7
lines changed

1 file changed

+5
-7
lines changed

tales/tale2.html

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -16,9 +16,9 @@ <h2>Background</h2>
1616
<p> The site was set up on a new development server, dedicated just to Harpers’ dev sites</p>
1717
</section>
1818
<section>
19-
<h2>How It Began </h2>
19+
<h2>How It Began…</h2>
2020

21-
<p class="fragment">On the third day of developing the site, Jeremy, the content manager, was going to set up the content types.</p>
21+
<p class="fragment">On the third day of developing the site, Jeremy, the content manager, was going to set up the content types.</p>
2222

2323
<p class="fragment"> He stopped in horror. The site had porn all over the front page.</p>
2424
<p class="fragment">Jeremy was not happy.</p>
@@ -36,7 +36,7 @@ <h2>What’s Going On?</h2>
3636
</section>
3737

3838
<section>
39-
<h2> Two Days Later </h2>
39+
<h2> Two Days Later…</h2>
4040

4141
<p>Jeremy checked the site again. More porn spam.</p>
4242

@@ -53,8 +53,6 @@ <h2>Jean searched the logs again — and found only the same trusted IP’s.</h2
5353

5454
<p> The scan was clean.</p>
5555

56-
<p> The scan was clean</p>
57-
5856
<p> Jean had no idea what was going on.</p>
5957
</section>
6058

@@ -70,7 +68,7 @@ <h2>Jean did not know</h2>
7068

7169
</section>
7270
<section>
73-
<h2>What Happened </h2>
71+
<h2>What Happened…</h2>
7472
<p> So, it wasn’t a ghost.</p>
7573
<p> Someone had compromised another site on the server.</p>
7674
<p> Using that site, they were able to read settings.php and connect to the new Drupal site's database.</p>
@@ -79,7 +77,7 @@ <h2>What Happened …</h2>
7977
<section>
8078
<h2>Lessons Learned </h2>
8179
<p> Do not allow a single apache instance to access multiple sites. Configure privilege separation. </p>
82-
<p> Apache config is outside the scope of this presentation, but look into suphp, php-fpm and mod-itk </p>
80+
<p> Apache config is outside the scope of this presentation, but look into suphp, php-fpm and mod-itk. </p>
8381
<p> Be careful of using shared hosting without proper configuration.</p>
8482
<p>Don't bring a site back online after a compromise unless you understand how it was hacked, and how to prevent future compromises.</p>
8583
</section>

0 commit comments

Comments
 (0)