New blog post: Drupal CMS: Making the easy stuff easy https://www.freelock.com/blog/john-locke/2025-01/drupal-cms-making-easy-stuff-easy #DrupalCMS #WordPress #Drupal #ContentManagement
"With that, it's launched!"
Dries just announced the launch of #DrupalCMS
@pcambra was a little alarmed to get a login message from drupal.community with someone else's IP address!
Filed an issue: https://github.com/Drupal-Mastodon/mastodon/issues/15
New blog post: 🕵️‍♂️ Privacy for website owners, and introducing 💧 Drupal CMS https://www.freelock.com/newsletter/privacy-website-owners-and-introducing-drupal-cms #DrupalCMS #Privacy
New blog post: What website owners need to know about Privacy https://www.freelock.com/blog/john-locke/2025-01/what-website-owners-need-know-about-privacy #Privacy #Policies
New blog post: Creating Product Bundles in Drupal Commerce https://www.freelock.com/blog/john-locke/2025-01/creating-product-bundles-drupal-commerce #Drupal #Commerce
New blog post: Ask Freelock: ECA vs Rules https://www.freelock.com/blog/john-locke/2025-01/ask-freelock-eca-vs-rules #Drupal #ECA #Automation #Rules
@neurer Thanks!
So we have a client site that's seeing repeated, spiky DDOS attacks. They're not flooding the bandwidth -- they are hitting slow, uncacheable (search) pages from thousands of IP addresses. In a 20-minute span:
- > 8000 unique IP addresses
- > 1300 unique URLs
- > 400 unique user agent strings
- up to 127 requests per second handled
Anyone else seeing this? Several times per week in the past 3 weeks, lasting ~20 minutes. #DDOS #Security
@neurer Ha, looks like it posted from the wrong server, thanks for the poke
New blog post: Privacy Big Picture: 6 ways privacy is changing https://www.freelock.com/blog/john-locke/2025-01/privacy-big-picture-6-ways-privacy-changing #Privacy #Security #Biometric #AI
So I've gotten a few security issue reports from a researcher. The issues are minor, nothing that even triggers a PCI compliance issue. Now he's asking if there's a reward for his findings.
What are other site owners/agencies doing with these types of requests?
The findings were legitimate, and he obviously spent some time detailing the issues, shared before asking for comp. #security #bounty