Isn’t it interesting that the hackers trying to breach my server, aren’t reading my posts?

Security Updates

I’m happy to report that all security measures integrated so far are being monitored and have proven effective. You should be able to post a comment now, even without signing-up or having to solve puzzles and jump through hoops. And I am almost 100% certain that my blog is NOT about to be bombed with spam, trash talk, pill pushing promos, and dead beats.. well, unless I’m the one posting it!

This is my own server. It’s a 6-core (12 thread) Intel server with 32GB of ECC RAM and 8TB of NVMe storage. It’s not some CLOUD based virtual computer that essentially means you don’t know where the hell your data is and who is looking at it. So when I say in my Privacy Policy that I share my data with no one you better believe that’s true. Not even the data center has access to this box and I like it that way. Backups are over SFTP to remote servers that are also mine, no Cloud crap or Google storage here.

I currently have DDOS mitigation integrated with over 16 fail-safe fall-through IPs spanning multiple zones and about 1.5TB bandwidth.

I’m using ClamAV anti-virus and ConfigServer Security & Firewall.

I’m running Limit Attempts Reloaded, Google reCAPTCHA, and Splorp’s WordPress Comments Blacklist

And just to be on the safe side, for the time being, all posts passing these tests, are queued for moderation before going live.

I’m running reports and monitoring every step along the way and although that probably uses a decent chunk of server resources right now I don’t care, it’s not like the site is so busy that I can’t spare a few CPU cycles for security.

I’ll keep you posted but I think it’s time to move on with CONTENT and in particular, legal policies and disclaimers.

 

Legal Policies & Disclaimers

There was once a time when only developers used the net and you could say pretty much anything about anything (or anyone). Now, just as the CRTC and DOC stepped in to control communications over radio waves, the GOV and censorship groups are telling us what we can say, show, and do on the internet. In the EU it’s actually illegal to run a website without announcing your website uses COOKIES! What kind of idiot thinks that the biggest breeches on the internet are done with cookies? Who could possibly be that simple and still be able to send an email?

Does it make you feel better when a website announces they use cookies, or even gives you the option not to use them – and no matter what you say you already HAVE a cookie?

Cookies are like firecrackers they don’t want kids to play with while they bomb the hell out of countries with Atomic Bombs.

There are legal obligations when you make statements about your data capturing and handling practices because when you post it, it’s like a contract between you and your visitors. So even Google has stated their hesitation to post websites without a Privacy Policy and I have put that to the test.. of course if you buy Google ADs they don’t seem to care but if you want generic ranking, it matters.

So I’ll give you the round-up on the legal crap I’ve prepared for dozens of websites over the years and my version for cyberwip.com next.

I’m sure you can hardly wait! – Kent

 

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *