Probably many of you know about the existence of the plugin Contact Form 7, with which you can create virtually any form of feedback on sites built on the popular engine WordPress. Plugin Well, lets get all the data entered visitor to your email. But in front of us recently tasked by complicated, it was necessary to do so after the user has entered their data on a wordpress site, he immediately automatically become a subscriber to one of the mailing lists created by the service unisender.com.
Just need - then do it.
So, what we have: a site on wordpress with multiple forms that work through the Contact Form 7, and only two of them have to sign users mailing unisender. And each to his own.
Long gone are the good old days when websites were made on the bare HTML page and weighing several tens of kilobytes. And the Internet was on dial-up.
Pages of modern websites weigh several hundred kilobytes, and often several megabytes. Images, scripts, stylesheets CSS - everything is indispensable attributes of a normal modern site without them in any way. And all this weighs "happiness" is not enough, and every time visitors coming to your site, download it all to your computer. And until the download is complete, the browser page opens.
Consider the method of dealing with this problem by means of a web server Nginx. The bottom line is that we will do 2 things - sozhmёm all static files (scripts, style files) by gzip, and zakeshiruem them with images in the browser cache visitor to every time they are not downloaded from the site and were taken directly from the cache on your computer visitor.
Of such an attack, we have already written, but in recent days they have intensified with incredible force. The essence of the attack is that the bots of passwords to the admin panel of the website. It is dangerous not only because the password sooner or later they still can pick up, but the fact that it was created a pretty decent load on the server.
Since the attacks in recent days have purchased just incredible strength, the server hosts many simply can not withstand such loads exorbitant. Hosters naturally try to cope with this scourge, but it is they do not always work, as the number of bots is huge and firewalls can not cope with so many locks. Therefore, some of them, as a temporary solution to block requests for files wp-login.php to wordpress and administrator / index.php for Joomla.
August 1, 2013 came the critical updates for Joomla second and third versions. Vulnerability affects all previous versions, ie version 2.5.13 and earlier line 2.5.x, and version 3.1.4 and earlier line 3.x.
Most likely vulnerabilities are also prone version 1.6.x and 1.7.x
Vulnerability is the ability to download file an unauthorized user, which will inevitably will lead to the breaking of your site.
Any owner of a website, which provides for the registration of users, or can post comments or sooner or later confronted with this unpleasant phenomenon as an invasion spambots.
If the resource is in the databases of spammers, then start it every day hundreds of registered boats that leave spam messages. Particularly susceptible to the scourge of various online forums. Naturally, site owners are beginning to struggle with this phenomenon, because the problem is not just that much more complicated work on moderating resource, but appears more one unpleasant moment - a significant increase in load on the server, which usually leads to additional costs for the maintenance of the resource .