Category Archives: linux

WordPress – try to lock out hackers

WordPress is really a nice software. I use it for websites and blogs. The problem is that WordPress is so common used in the net that hackers aggressive try to enter your site and inject eval php code. This is really terrible and I suffered some times ago because such a hackers attach against main own web sites.

After all I think two things can help to lock out hackers from wordpress.

1) Wordfence Plugin

The Wordfence Plugin is – in my eyes  – really good software. You should install this plugin to understand if your wordpress is under attack.

2) Protect your directories

The important thing running WordPress is to protect your directories. Never allow the apache server to write into the WordPress instalation directory. I know this is for most people an essential feature because this allows to easily update WordPress, install Plugins and Themes. But this also allows hackers to inject bad php code into your installation. And the most secure way to protect your wordpress installation is to disallow the apache server to write into the installation code.

For Linux servers this means:

In your apache web directory create a folder for your WordPress installation and reduce the directory access to a minimum which means only your own linux user account should be the owner and allowed to change content.

ls -l /var/www/
drwxr-xr-x 5 youraccount youraccount 4096 Apr 16 21:12 wordpress

As you can see the apache user (e.g. www-data) can only read but not change directories. Any changes on the wp-config.php or the installation of plugins or themes can still be made by direct ssh access (in this example) from the user ‘youraccount’.

The only exception could be the wp-content/uploads folder which need to be writable from apache when you try to upload an image.

There are a lot of additional tipps and tricks how to protect your WordPress. But I think protecting the WordPress installation from modification by the apache server is the best way.

‘evbug’ auf die Blacklist setzen

Ich hatte das Problem das mein kern.log file mit Meldungen dieser Art geflutet wurde:

Sep 27 18:07:48 r-ultrabook kernel: [ 380.012332] evbug: Event. Dev: input6, Type: 0, Code: 0, Value: 0
Sep 27 18:07:48 r-ultrabook kernel: [ 380.028334] evbug: Event. Dev: input6, Type: 2, Code: 1, Value: -1
Sep 27 18:07:48 r-ultrabook kernel: [ 380.028343] evbug: Event. Dev: input6, Type: 0, Code: 0, Value: 0
Sep 27 18:07:48 r-ultrabook kernel: [ 380.044419] evbug: Event. Dev: input6, Type: 2, Code: 1, Value: -1
Sep 27 18:07:48 r-ultrabook kernel: [ 380.044430] evbug: Event. Dev: input6, Type: 0, Code: 0, Value: 0

Diese Meldungen werden wohl vom Modul  ‘evbug’ erzeugt und dienen als Debug Information. Das Modul sollte im Normalfall eigentlicht im Kernel geladen werden.

Um nun das Modul abzuschalten kann man es auf die blacklist setzen.

Dazu habe ich die (bei mir noch nicht vorhandene) Datei /etc/modprobe.d/blacklist.conf erstellt und folgenden Inhalt eingetragen:

# This file lists those modules which we don't want to be loaded by
# alias expansion, usually so some other driver will be loaded for the
# device instead.
# evbug is a debug tool that should be loaded explicitly
blacklist evbug

Dies führt dazu das das Modul beim nächsten booten nicht mehr geladen wird und die Meldungen verschwinden.

Debian – systemd

Debian Weezy verwendet in der aktuellen version immer noch den Init-Deamon System-V-init. Dieser kann durch den neueren deamon systemd ersetzt werden. Dieser erlaubt einen schnelleren  Bootvorgang, da beim booten mehrere dienste parallel gestartet werden können:

# apt-get update
# apt-get install systemd


Character encoding de_DE on Linux Debian

On my debian server today I run into a problem with the encoding of XSL templates running on a GlassFish server. The problem was that German characters where not displayed correctly.

After a long time of searching, I figured out that the reason for that problem was not my MySQL database, nor my GlassFish installation. It was simply the missing German language support on my linux debian.

You can test the installed locales with the following command:

locale -a

In my case only ‘en_US.utf8’ was listed.

In debian you can simply add the german language support by changing the file /etc/locale.gen. Simply uncomment the lines:

de_DE ISO-8859-1
de_DE.UTF-8 UTF-8
de_DE@euro ISO-8859-15

and run the command:


After restarting my GlassFish server the xsl transformation works fine with german characters.

The command “locale -a” now displays the following locale: