Archive - Nov 26, 2003

mt vulnerability

MovableType users, there is a security issue that you need to tend to immediately. Here's what you need to do:

  1. Rename, relocate, or simply remove mt-send-entry.cgi. It's a formmail script, so people are using it* to spam other people. Of course, since it's your server that's sending out the Viagra emails, your server is going to be blacklisted when an anti-spam tracker detects it.
  2. (updated, thanks Adam) Add the following to your .htaccess file:
    <Files ~ "\.(ini|inc|tmpl|cfg)">
| |

multiproject boredom syndrome

Kasia Trapszo writes:

... I suppose programming is much like running a long race.. you start out all excited and full of joy, sweat through the middle, force yourself to keep going towards the end and always manage to find that little push to finish looking strong. After that it's just all joy and pride and happy, good feelings...

I find it both uncanny and reassuring that there are people on the other side of this planet with exactly the same kind of thoughts and experiences as me.

|