From accessd at shaw.ca Sun Sep 2 06:08:34 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Sun, 2 Sep 2018 05:08:34 -0600 (MDT) Subject: [dba-Tech] How to list the files created today? In-Reply-To: <5B89D14D.20887.3E3E42E0@stuart.lexacorp.com.pg> References: <20180831100237.86c3debdd1c3983866efe200e2feb95f.3bbd050867.wbe@email25.godaddy.com> <5B89D14D.20887.3E3E42E0@stuart.lexacorp.com.pg> Message-ID: <812912071.392177846.1535886514447.JavaMail.zimbra@shaw.ca> I have been using a product called FSearch for a couple of years. I have never seen an app that could search 500K records instantaneously, across a network. Interestingly it was built by a fellow after he had seen "Everything": https://www.omgubuntu.co.uk/2016/10/fsearch-fast-file-search-tool-linux ...and... https://github.com/cboxdoerfer/fsearch Jim ----- Original Message ----- From: "stuart" To: "rockysmolin" , "Discussion of Hardware and Software issues" Sent: Friday, August 31, 2018 4:37:49 PM Subject: Re: [dba-Tech] How to list the files created today? Another vote for Everything. +1 On 31 Aug 2018 at 10:02, RockySmolin at bchacc.com wrote: > > > > I have been using Everytging from voidtools, couldn?nt get through a > day without using it 2-3 times at least. Strongly recommend it. It > will do what you want and much more. And instant results. > > > r > -------- Original Message -------- > Subject: [dba-Tech] How to list the files created today? > From: Arthur Fuller > Date: Fri, August 31, 2018 9:04 am > To: Discussion of Hardware and Software issues > > > Does anyone have an idea for how to do this? I save dozens of files > daily, in various directories, to the point where I forget what I've > saved and where I've saved them. Is there some magic bat or cmd file I > could run to refresh my failing memory? > > -- > Arthur > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From accessd at shaw.ca Sat Sep 8 17:42:09 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Sat, 8 Sep 2018 16:42:09 -0600 (MDT) Subject: [dba-Tech] How to fix your Windows computer In-Reply-To: <1488479641.280166621.1534180702135.JavaMail.zimbra@shaw.ca> References: <976E500DD0AF35409874A413967BFAECA0B204E3@EX2K10-MBX5.ads.qub.ac.uk> <193233447.226880750.1533322379350.JavaMail.zimbra@shaw.ca> <666457984.229445128.1533363272973.JavaMail.zimbra@shaw.ca> <774454008.246952573.1533660876765.JavaMail.zimbra@shaw.ca> <1836330607.246959063.1533660999710.JavaMail.zimbra@shaw.ca> <2031385306.247013067.1533661818763.JavaMail.zimbra@shaw.ca> <631302159.272711396.1534058754971.JavaMail.zimbra@shaw.ca> <1488479641.280166621.1534180702135.JavaMail.zimbra@shaw.ca> Message-ID: <325034159.431481203.1536446529155.JavaMail.zimbra@shaw.ca> If your Windows computer is toasted or borked just use a Ubuntu 18.04 Linux boot CD or USB stick. Boot up via the media, select "live" mode, which runs a full version of Ubuntu in memory and the start the recovery. >From this position a corrupted disk can be repaired, a boot track fixed, drivers added, passwords changed and so on. Below is a link giving instructions on how to solve a couple of Windows issues...and it doesn't cost a fortune or proprietary software. https://www.pcworld.com/article/2147063/linux-to-the-rescue-how-ubuntu-can-help-a-computer-in-distress.html http://bit.ly/2Nv2Q0S Jim From stuart at lexacorp.com.pg Sat Sep 8 20:59:34 2018 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Sun, 09 Sep 2018 11:59:34 +1000 Subject: [dba-Tech] How to fix your Windows computer In-Reply-To: <325034159.431481203.1536446529155.JavaMail.zimbra@shaw.ca> References: <976E500DD0AF35409874A413967BFAECA0B204E3@EX2K10-MBX5.ads.qub.ac.uk>, <1488479641.280166621.1534180702135.JavaMail.zimbra@shaw.ca>, <325034159.431481203.1536446529155.JavaMail.zimbra@shaw.ca> Message-ID: <5B947E86.14032.232B8992@stuart.lexacorp.com.pg> I prefer to use Hiren's On 8 Sep 2018 at 16:42, Jim Lawrence wrote: > If your Windows computer is toasted or borked just use a Ubuntu 18.04 > Linux boot CD or USB stick. Boot up via the media, select "live" mode, > which runs a full version of Ubuntu in memory and the start the > recovery. > > From this position a corrupted disk can be repaired, a boot track > fixed, drivers added, passwords changed and so on. Below is a link > giving instructions on how to solve a couple of Windows issues...and > it doesn't cost a fortune or proprietary software. > > https://www.pcworld.com/article/2147063/linux-to-the-rescue-how-ubuntu > -can-help-a-computer-in-distress.html http://bit.ly/2Nv2Q0S > > Jim > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > From accessd at shaw.ca Sat Sep 8 23:14:51 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Sat, 8 Sep 2018 22:14:51 -0600 (MDT) Subject: [dba-Tech] How to fix your Windows computer In-Reply-To: <5B947E86.14032.232B8992@stuart.lexacorp.com.pg> References: <976E500DD0AF35409874A413967BFAECA0B204E3@EX2K10-MBX5.ads.qub.ac.uk> <1488479641.280166621.1534180702135.JavaMail.zimbra@shaw.ca> <325034159.431481203.1536446529155.JavaMail.zimbra@shaw.ca> <5B947E86.14032.232B8992@stuart.lexacorp.com.pg> Message-ID: <1986718276.432673009.1536466491535.JavaMail.zimbra@shaw.ca> Hi Stuart: It sounds like an excellent product. I have used many of the apps individually that are included in this master collection. Jim ----- Original Message ----- From: "stuart" To: "Discussion of Hardware and Software issues" Sent: Saturday, September 8, 2018 6:59:34 PM Subject: Re: [dba-Tech] How to fix your Windows computer I prefer to use Hiren's On 8 Sep 2018 at 16:42, Jim Lawrence wrote: > If your Windows computer is toasted or borked just use a Ubuntu 18.04 > Linux boot CD or USB stick. Boot up via the media, select "live" mode, > which runs a full version of Ubuntu in memory and the start the > recovery. > > From this position a corrupted disk can be repaired, a boot track > fixed, drivers added, passwords changed and so on. Below is a link > giving instructions on how to solve a couple of Windows issues...and > it doesn't cost a fortune or proprietary software. > > https://www.pcworld.com/article/2147063/linux-to-the-rescue-how-ubuntu > -can-help-a-computer-in-distress.html http://bit.ly/2Nv2Q0S > > Jim > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From accessd at shaw.ca Tue Sep 18 00:30:10 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Mon, 17 Sep 2018 23:30:10 -0600 (MDT) Subject: [dba-Tech] Encryption In-Reply-To: <1986718276.432673009.1536466491535.JavaMail.zimbra@shaw.ca> References: <976E500DD0AF35409874A413967BFAECA0B204E3@EX2K10-MBX5.ads.qub.ac.uk> <1488479641.280166621.1534180702135.JavaMail.zimbra@shaw.ca> <325034159.431481203.1536446529155.JavaMail.zimbra@shaw.ca> <5B947E86.14032.232B8992@stuart.lexacorp.com.pg> <1986718276.432673009.1536466491535.JavaMail.zimbra@shaw.ca> Message-ID: <358589427.487524108.1537248610704.JavaMail.zimbra@shaw.ca> The question has been posed that when Quantum Computers finally become operation encryption and privacy as we know will be over. Fortunately, this is not the case. There have been some huge strides in encryption technology and when quantum computing becomes common the world will still have security. What is Quantum computing and how will it impact us: https://www.cryptomathic.com/news-events/blog/quantum-computing-and-its-impact-on-cryptography Will quantum computing break all encryption?: https://www.quantamagazine.org/why-quantum-computers-might-not-break-cryptography-20170515/ Resistance is not futile: https://wire.com/blog/post-quantum-resistance-wire/ A few of the many projects making better encryption: https://csrc.nist.gov/Projects/Post-Quantum-Cryptography/Round-1-Submissions In summary; by the time quantum computing is being used by governments and other criminals, to freely monitor all, there will be another impregnable wall of Post-Quantum-Cryptography. Jim From fuller.artful at gmail.com Tue Sep 18 19:25:54 2018 From: fuller.artful at gmail.com (Arthur Fuller) Date: Wed, 19 Sep 2018 00:25:54 +0000 Subject: [dba-Tech] WordPress Question(s) Message-ID: I've tried several times to create the WP blog of my desire, and failed miserably 100% of the time. So my first question is, How can I delete my failed attempts? There are several, with slightly different names, and I'd like to nuke them all and start over. How can I accomplish this? 2. I have sketched (in text) an outline of precisely what I intend the blog to look like; it's possible that I misunderstand the concept of a blog, and that maybe what I ought to be creating is a website rather than a blog. 3. I'm feeling totally overwhelmed by WP, and maybe I'm starting off with a goal far beyond my capabilities, but given that I have an outline and a concept of the home page, I don't know how to proceed from my text outline to the result, and frankly find the WP UI confusing and a tad intimidating. 4. I chose to do this is WP because the desired result will be primarily text (perhaps with graphics within said text). I think of The New York Review of Books as my model; a Front Page listing the latest posts, buttons narrowing the posts by subject (i.e. physics, politics, film), and so on. 5. I'm having trouble distinguishing when I'm logging on as Admin or Reader, and need some help with this. 6. Perhaps my initial mistake was my decision to create a blog rather than a site. The more I consider this, the more I gravitate toward the position that my initial mistake was to think of my intention as a blog, but perhaps I'm underestimating the capabilities of a blog, or perhaps not. I want to wake up and write something(s) each morning, and categorize those writings, and have them easily searched into the previous writings, and for any interested readers to post. In sum, I have a pretty solid idea what I intend, but am having massive difficulties getting from Here to There. Suggestions, pointers to relevant tutorials, etc. would be most welcome. Maybe I should begin with something less ambitious? But that returns us to Question 1: how to destroy failed attempts easily? That would enable me to start anew, and not occupy the WP space with my abortive attempts. -- Arthur From rockysmolin at bchacc.com Wed Sep 19 09:42:51 2018 From: rockysmolin at bchacc.com (Rocky Smolin) Date: Wed, 19 Sep 2018 07:42:51 -0700 Subject: [dba-Tech] Trying to unsubscribe Message-ID: <002601d45027$0af51ed0$20df5c70$@bchacc.com> I keep the amount of spam coming to my mailbox by unsubscribing pretty diligently. Lately though I've been getting spammed where the To address is odd looking - not my address - yet it's still getting to me. Got one today from a company touting me on gold for my IRA. The to address is 44780wfs41523b8v2m7 at j328ptp.submu.win Somehow I think pasting that in the unsubscribe box is not going to do the trick. But what up with that? Rocky Smolin Beach Access Software 760-683-5777 www.bchacc.com www.e-z-mrp.com Skype: rocky.smolin From accessd at shaw.ca Wed Sep 19 09:44:08 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Wed, 19 Sep 2018 08:44:08 -0600 (MDT) Subject: [dba-Tech] WordPress Question(s) In-Reply-To: References: Message-ID: <1720801223.496081924.1537368248666.JavaMail.zimbra@shaw.ca> Hi Arthur: The questions you are asking could fill a book but... If you want to have a operational Word Press and you haven't installed it before or not for a long time, I would search out a step by step installation guide, follow it and get a basic instance running before getting fancy. Every new install should over-right previously failed installs so that shouldn't be a problem. If your WP, is going to be a forward facing application, with input fields, check out a security guide as there are so many "holes" a scrip kiddie can hack or more accurately walk through. After, everything has been tested then you can start coding in or downloading various GUI layouts along their associated features. HTH Jim ----- Original Message ----- From: "Arthur Fuller" To: "Discussion of Hardware and Software issues" Sent: Tuesday, September 18, 2018 5:25:54 PM Subject: [dba-Tech] WordPress Question(s) I've tried several times to create the WP blog of my desire, and failed miserably 100% of the time. So my first question is, How can I delete my failed attempts? There are several, with slightly different names, and I'd like to nuke them all and start over. How can I accomplish this? 2. I have sketched (in text) an outline of precisely what I intend the blog to look like; it's possible that I misunderstand the concept of a blog, and that maybe what I ought to be creating is a website rather than a blog. 3. I'm feeling totally overwhelmed by WP, and maybe I'm starting off with a goal far beyond my capabilities, but given that I have an outline and a concept of the home page, I don't know how to proceed from my text outline to the result, and frankly find the WP UI confusing and a tad intimidating. 4. I chose to do this is WP because the desired result will be primarily text (perhaps with graphics within said text). I think of The New York Review of Books as my model; a Front Page listing the latest posts, buttons narrowing the posts by subject (i.e. physics, politics, film), and so on. 5. I'm having trouble distinguishing when I'm logging on as Admin or Reader, and need some help with this. 6. Perhaps my initial mistake was my decision to create a blog rather than a site. The more I consider this, the more I gravitate toward the position that my initial mistake was to think of my intention as a blog, but perhaps I'm underestimating the capabilities of a blog, or perhaps not. I want to wake up and write something(s) each morning, and categorize those writings, and have them easily searched into the previous writings, and for any interested readers to post. In sum, I have a pretty solid idea what I intend, but am having massive difficulties getting from Here to There. Suggestions, pointers to relevant tutorials, etc. would be most welcome. Maybe I should begin with something less ambitious? But that returns us to Question 1: how to destroy failed attempts easily? That would enable me to start anew, and not occupy the WP space with my abortive attempts. -- Arthur _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From accessd at shaw.ca Wed Sep 19 12:17:32 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Wed, 19 Sep 2018 11:17:32 -0600 (MDT) Subject: [dba-Tech] Trying to unsubscribe In-Reply-To: <002601d45027$0af51ed0$20df5c70$@bchacc.com> References: <002601d45027$0af51ed0$20df5c70$@bchacc.com> Message-ID: <297863552.496914951.1537377452596.JavaMail.zimbra@shaw.ca> When a site or pop-up appears and I am unsure of it origins, I just right-mouse-click and select "View Page Source" or + "u". Generally a quick scan reveals any code that directs or posts input data out then, if curious follow it or check the destination's particulars. I tend to use the resources of some site like: https://whois.domaintools.com/ If more specific info is required and your using Firefox, just right-mouse-click the element in question and select "Inspect Element" from the pop-down menu. From there you can do a full inspection on the selected element or anything else related to in the site; styles, style editors, debugger, performance, memory, data sources, any activity, warning on if a site has links to non "https" locations etc etc... Also pay attention to the list of site errors and further explanations (anything from coding errors to cross-platform jumps). If I was concerned about the "To" address, in your case, I would just call up "GoDaddy" and ask. It may be legit after all or it may imply that someone has hacked and/or stolen some of their code for nefarious reasons. Jim PS It might be worth your while to upgrade your business sites from "http" to "https". I am sure your website hosts can do that (unless you rolled your own). It wouldn't be long before all "http" sites will come up with a warning screen to all your site viewers. ----- Original Message ----- From: "rockysmolin" To: "Discussion of Hardware and Software issues" Sent: Wednesday, September 19, 2018 7:42:51 AM Subject: [dba-Tech] Trying to unsubscribe I keep the amount of spam coming to my mailbox by unsubscribing pretty diligently. Lately though I've been getting spammed where the To address is odd looking - not my address - yet it's still getting to me. Got one today from a company touting me on gold for my IRA. The to address is 44780wfs41523b8v2m7 at j328ptp.submu.win Somehow I think pasting that in the unsubscribe box is not going to do the trick. But what up with that? Rocky Smolin Beach Access Software 760-683-5777 www.bchacc.com www.e-z-mrp.com Skype: rocky.smolin _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From rockysmolin at bchacc.com Wed Sep 19 12:46:16 2018 From: rockysmolin at bchacc.com (Rocky Smolin) Date: Wed, 19 Sep 2018 10:46:16 -0700 Subject: [dba-Tech] Trying to unsubscribe In-Reply-To: <297863552.496914951.1537377452596.JavaMail.zimbra@shaw.ca> References: <002601d45027$0af51ed0$20df5c70$@bchacc.com> <297863552.496914951.1537377452596.JavaMail.zimbra@shaw.ca> Message-ID: <007201d45040$aaa97bb0$fffc7310$@bchacc.com> Thanks Jim r -----Original Message----- From: dba-Tech [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Jim Lawrence Sent: Wednesday, September 19, 2018 10:18 AM To: Discussion of Hardware and Software issues Subject: Re: [dba-Tech] Trying to unsubscribe When a site or pop-up appears and I am unsure of it origins, I just right-mouse-click and select "View Page Source" or + "u". Generally a quick scan reveals any code that directs or posts input data out then, if curious follow it or check the destination's particulars. I tend to use the resources of some site like: https://whois.domaintools.com/ If more specific info is required and your using Firefox, just right-mouse-click the element in question and select "Inspect Element" from the pop-down menu. From there you can do a full inspection on the selected element or anything else related to in the site; styles, style editors, debugger, performance, memory, data sources, any activity, warning on if a site has links to non "https" locations etc etc... Also pay attention to the list of site errors and further explanations (anything from coding errors to cross-platform jumps). If I was concerned about the "To" address, in your case, I would just call up "GoDaddy" and ask. It may be legit after all or it may imply that someone has hacked and/or stolen some of their code for nefarious reasons. Jim PS It might be worth your while to upgrade your business sites from "http" to "https". I am sure your website hosts can do that (unless you rolled your own). It wouldn't be long before all "http" sites will come up with a warning screen to all your site viewers. ----- Original Message ----- From: "rockysmolin" To: "Discussion of Hardware and Software issues" Sent: Wednesday, September 19, 2018 7:42:51 AM Subject: [dba-Tech] Trying to unsubscribe I keep the amount of spam coming to my mailbox by unsubscribing pretty diligently. Lately though I've been getting spammed where the To address is odd looking - not my address - yet it's still getting to me. Got one today from a company touting me on gold for my IRA. The to address is 44780wfs41523b8v2m7 at j328ptp.submu.win Somehow I think pasting that in the unsubscribe box is not going to do the trick. But what up with that? Rocky Smolin Beach Access Software 760-683-5777 www.bchacc.com www.e-z-mrp.com Skype: rocky.smolin _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From stuart at lexacorp.com.pg Wed Sep 19 16:08:29 2018 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Thu, 20 Sep 2018 07:08:29 +1000 Subject: [dba-Tech] WordPress Question(s) In-Reply-To: <1720801223.496081924.1537368248666.JavaMail.zimbra@shaw.ca> References: , <1720801223.496081924.1537368248666.JavaMail.zimbra@shaw.ca> Message-ID: <5BA2BACD.24096.3BC2CAE@stuart.lexacorp.com.pg> It sounded as thought Arther was not *installng* Wordpress. He apparently has created a number of Wordpress.com hosted sites. On 19 Sep 2018 at 8:44, Jim Lawrence wrote: > Hi Arthur: > > The questions you are asking could fill a book but... > > If you want to have a operational Word Press and you haven't installed > it before or not for a long time, I would search out a step by step > installation guide, follow it and get a basic instance running before > getting fancy. > > Every new install should over-right previously failed installs so that > shouldn't be a problem. If your WP, is going to be a forward facing > application, with input fields, check out a security guide as there > are so many "holes" a scrip kiddie can hack or more accurately walk > through. > > After, everything has been tested then you can start coding in or > downloading various GUI layouts along their associated features. > From stuart at lexacorp.com.pg Wed Sep 19 16:10:28 2018 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Thu, 20 Sep 2018 07:10:28 +1000 Subject: [dba-Tech] Trying to unsubscribe In-Reply-To: <002601d45027$0af51ed0$20df5c70$@bchacc.com> References: <002601d45027$0af51ed0$20df5c70$@bchacc.com> Message-ID: <5BA2BB44.27016.3BDFDD1@stuart.lexacorp.com.pg> The "To: " address can contain anything the orignator wants to put there. It is not used for email routing. Spammers do use it for tracking, especially when people paste it into unsubscribe links. Unsubscribing from spam emails is a big mistake. In the majority of cases it just confirms that you are reading their spam and gets you on more spammers lists! Never unsubscribe unless it is something you have actually subscribed to. On 19 Sep 2018 at 7:42, Rocky Smolin wrote: > I keep the amount of spam coming to my mailbox by unsubscribing pretty > diligently. Lately though I've been getting spammed where the To > address is odd looking - not my address - yet it's still getting to > me. Got one today from a company touting me on gold for my IRA. The > to address is > > > > 44780wfs41523b8v2m7 at j328ptp.submu.win > > > > > Somehow I think pasting that in the unsubscribe box is not going to do > the trick. But what up with that? > > > > > > Rocky Smolin > > Beach Access Software > > 760-683-5777 > > www.bchacc.com > > www.e-z-mrp.com > > Skype: rocky.smolin > > > > > > > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > From fuller.artful at gmail.com Thu Sep 20 06:46:52 2018 From: fuller.artful at gmail.com (Arthur Fuller) Date: Thu, 20 Sep 2018 11:46:52 +0000 Subject: [dba-Tech] WordPress Question(s) In-Reply-To: <5BA2BACD.24096.3BC2CAE@stuart.lexacorp.com.pg> References: <1720801223.496081924.1537368248666.JavaMail.zimbra@shaw.ca> <5BA2BACD.24096.3BC2CAE@stuart.lexacorp.com.pg> Message-ID: Stuart, You are quire right. I used the WordPress "Start a blog" button. Perhaps I should forget about that approach and instead do a regular installation? On Wed, Sep 19, 2018 at 9:09 PM Stuart McLachlan wrote: > It sounded as thought Arther was not *installng* Wordpress. He apparently > has created a > number of Wordpress.com hosted sites. > > On 19 Sep 2018 at 8:44, Jim Lawrence wrote: > > > Hi Arthur: > > > > The questions you are asking could fill a book but... > > > > If you want to have a operational Word Press and you haven't installed > > it before or not for a long time, I would search out a step by step > > installation guide, follow it and get a basic instance running before > > getting fancy. > > > > Every new install should over-right previously failed installs so that > > shouldn't be a problem. If your WP, is going to be a forward facing > > application, with input fields, check out a security guide as there > > are so many "holes" a scrip kiddie can hack or more accurately walk > > through. > > > > After, everything has been tested then you can start coding in or > > downloading various GUI layouts along their associated features. > > From accessd at shaw.ca Thu Sep 20 12:58:29 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Thu, 20 Sep 2018 11:58:29 -0600 (MDT) Subject: [dba-Tech] WordPress Question(s) In-Reply-To: References: <1720801223.496081924.1537368248666.JavaMail.zimbra@shaw.ca> <5BA2BACD.24096.3BC2CAE@stuart.lexacorp.com.pg> Message-ID: <2022756571.503492393.1537466309664.JavaMail.zimbra@shaw.ca> Hi Arthur: A number of years ago, I build an interactive WP site and used it for a number of years: "SeriousArt.com" but it started getting hacked and even though my SiL and I spent weeks trying to find how the hackers were getting in, unless we set the system to read-only there was no way to stop them. It was discovered to be a serious zero-day flaw in the PHP code design so unless we wanted to re-write the system we were out-of-luck so until the WP design team resolved the issues there was little we could do. The WP team was restrained from fixing the errors quickly as such a change would disable a major portion of the third-party plugins. Our site was setup so Maria could manage a group of musicians and poets for a book she was creating and as the book was completed, we decided the simplest solution was to delete the site and remove the domain. I understand that the hosting giant GoDaddy now owns the domain. Supposedly, the core errors have since been resolved but my venture into the world of WP blogs did not end on a high note. It should also be noted that most of the third-party two-factor authentication login scripts are flawed so care should be taken when deciding login solutions or plugin...but I had built our own site and was hosting it. OTOH, if you are only sponsoring a private blog and you change the default WP address/URL, it would be unlikely that any site scanner would discover your private blog. There are also numerous companies along with hosting WP sites, have a number of great templates that fit ninety percent of the needs of most users and with a little graphic, cosmetic and scripting work, a perfect site can be run up with little effort and little expense. Jim ----- Original Message ----- From: "Arthur Fuller" To: "Discussion of Hardware and Software issues" Sent: Thursday, September 20, 2018 4:46:52 AM Subject: Re: [dba-Tech] WordPress Question(s) Stuart, You are quire right. I used the WordPress "Start a blog" button. Perhaps I should forget about that approach and instead do a regular installation? On Wed, Sep 19, 2018 at 9:09 PM Stuart McLachlan wrote: > It sounded as thought Arther was not *installng* Wordpress. He apparently > has created a > number of Wordpress.com hosted sites. > > On 19 Sep 2018 at 8:44, Jim Lawrence wrote: > > > Hi Arthur: > > > > The questions you are asking could fill a book but... > > > > If you want to have a operational Word Press and you haven't installed > > it before or not for a long time, I would search out a step by step > > installation guide, follow it and get a basic instance running before > > getting fancy. > > > > Every new install should over-right previously failed installs so that > > shouldn't be a problem. If your WP, is going to be a forward facing > > application, with input fields, check out a security guide as there > > are so many "holes" a scrip kiddie can hack or more accurately walk > > through. > > > > After, everything has been tested then you can start coding in or > > downloading various GUI layouts along their associated features. > > _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From accessd at shaw.ca Thu Sep 20 13:02:12 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Thu, 20 Sep 2018 12:02:12 -0600 (MDT) Subject: [dba-Tech] Trying to unsubscribe In-Reply-To: <5BA2BB44.27016.3BDFDD1@stuart.lexacorp.com.pg> References: <002601d45027$0af51ed0$20df5c70$@bchacc.com> <5BA2BB44.27016.3BDFDD1@stuart.lexacorp.com.pg> Message-ID: <1409965838.503506140.1537466532353.JavaMail.zimbra@shaw.ca> Stuart: "Never unsubscribe unless it is something you have actually subscribed to." Wise words. Jim ----- Original Message ----- From: "stuart" To: "Discussion of Hardware and Software issues" Sent: Wednesday, September 19, 2018 2:10:28 PM Subject: Re: [dba-Tech] Trying to unsubscribe The "To: " address can contain anything the orignator wants to put there. It is not used for email routing. Spammers do use it for tracking, especially when people paste it into unsubscribe links. Unsubscribing from spam emails is a big mistake. In the majority of cases it just confirms that you are reading their spam and gets you on more spammers lists! Never unsubscribe unless it is something you have actually subscribed to. On 19 Sep 2018 at 7:42, Rocky Smolin wrote: > I keep the amount of spam coming to my mailbox by unsubscribing pretty > diligently. Lately though I've been getting spammed where the To > address is odd looking - not my address - yet it's still getting to > me. Got one today from a company touting me on gold for my IRA. The > to address is > > > > 44780wfs41523b8v2m7 at j328ptp.submu.win > > > > > Somehow I think pasting that in the unsubscribe box is not going to do > the trick. But what up with that? > > > > > > Rocky Smolin > > Beach Access Software > > 760-683-5777 > > www.bchacc.com > > www.e-z-mrp.com > > Skype: rocky.smolin > > > > > > > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From accessd at shaw.ca Thu Sep 20 13:19:57 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Thu, 20 Sep 2018 12:19:57 -0600 (MDT) Subject: [dba-Tech] Select Star SQL: an interactive book which aims to be the best place to learn SQL In-Reply-To: <1409965838.503506140.1537466532353.JavaMail.zimbra@shaw.ca> References: <002601d45027$0af51ed0$20df5c70$@bchacc.com> <5BA2BB44.27016.3BDFDD1@stuart.lexacorp.com.pg> <1409965838.503506140.1537466532353.JavaMail.zimbra@shaw.ca> Message-ID: <1969381055.503571009.1537467597409.JavaMail.zimbra@shaw.ca> Hi All: If anyone is interested in using an interactive SQL site to hone their sequel skills, check out the following: https://selectstarsql.com/ Jim From peter.brawley at earthlink.net Thu Sep 20 19:43:48 2018 From: peter.brawley at earthlink.net (Peter Brawley) Date: Thu, 20 Sep 2018 19:43:48 -0500 Subject: [dba-Tech] WordPress Question(s) In-Reply-To: <2022756571.503492393.1537466309664.JavaMail.zimbra@shaw.ca> References: <1720801223.496081924.1537368248666.JavaMail.zimbra@shaw.ca> <5BA2BACD.24096.3BC2CAE@stuart.lexacorp.com.pg> <2022756571.503492393.1537466309664.JavaMail.zimbra@shaw.ca> Message-ID: <39d1924b-724c-4729-6278-c1bdec143fac@earthlink.net> On 9/20/2018 12:58, Jim Lawrence wrote: > Hi Arthur: > > A number of years ago, I build an interactive WP site and used it for a number of years: "SeriousArt.com" but it started getting hacked and even though my SiL and I spent weeks trying to find how the hackers were getting in, unless we set the system to read-only there was no way to stop them. > > It was discovered to be a serious zero-day flaw in the PHP code design ... and some such are still there, https://thehackernews.com/2016/12/php-7-update.html. PB ----- > so unless we wanted to re-write the system we were out-of-luck so until the WP design team resolved the issues there was little we could do. The WP team was restrained from fixing the errors quickly as such a change would disable a major portion of the third-party plugins. Our site was setup so Maria could manage a group of musicians and poets for a book she was creating and as the book was completed, we decided the simplest solution was to delete the site and remove the domain. I understand that the hosting giant GoDaddy now owns the domain. > > Supposedly, the core errors have since been resolved but my venture into the world of WP blogs did not end on a high note. It should also be noted that most of the third-party two-factor authentication login scripts are flawed so care should be taken when deciding login solutions or plugin...but I had built our own site and was hosting it. > > OTOH, if you are only sponsoring a private blog and you change the default WP address/URL, it would be unlikely that any site scanner would discover your private blog. There are also numerous companies along with hosting WP sites, have a number of great templates that fit ninety percent of the needs of most users and with a little graphic, cosmetic and scripting work, a perfect site can be run up with little effort and little expense. > > Jim > > ----- Original Message ----- > From: "Arthur Fuller" > To: "Discussion of Hardware and Software issues" > Sent: Thursday, September 20, 2018 4:46:52 AM > Subject: Re: [dba-Tech] WordPress Question(s) > > Stuart, > > You are quire right. I used the WordPress "Start a blog" button. Perhaps I > should forget about that approach and instead do a regular installation? > > On Wed, Sep 19, 2018 at 9:09 PM Stuart McLachlan > wrote: > >> It sounded as thought Arther was not *installng* Wordpress. He apparently >> has created a >> number of Wordpress.com hosted sites. >> >> On 19 Sep 2018 at 8:44, Jim Lawrence wrote: >> >>> Hi Arthur: >>> >>> The questions you are asking could fill a book but... >>> >>> If you want to have a operational Word Press and you haven't installed >>> it before or not for a long time, I would search out a step by step >>> installation guide, follow it and get a basic instance running before >>> getting fancy. >>> >>> Every new install should over-right previously failed installs so that >>> shouldn't be a problem. If your WP, is going to be a forward facing >>> application, with input fields, check out a security guide as there >>> are so many "holes" a scrip kiddie can hack or more accurately walk >>> through. >>> >>> After, everything has been tested then you can start coding in or >>> downloading various GUI layouts along their associated features. >>> > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > From accessd at shaw.ca Fri Sep 21 01:52:41 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Fri, 21 Sep 2018 00:52:41 -0600 (MDT) Subject: [dba-Tech] WordPress Question(s) In-Reply-To: <39d1924b-724c-4729-6278-c1bdec143fac@earthlink.net> References: <1720801223.496081924.1537368248666.JavaMail.zimbra@shaw.ca> <5BA2BACD.24096.3BC2CAE@stuart.lexacorp.com.pg> <2022756571.503492393.1537466309664.JavaMail.zimbra@shaw.ca> <39d1924b-724c-4729-6278-c1bdec143fac@earthlink.net> Message-ID: <1970598156.506931058.1537512761935.JavaMail.zimbra@shaw.ca> There may still be some active zero day bugs in the WP system but the article you presented was from 2016, so hopefully things have improved in two years. Jim ----- Original Message ----- From: "peter brawley" To: "Discussion of Hardware and Software issues" Sent: Thursday, September 20, 2018 5:43:48 PM Subject: Re: [dba-Tech] WordPress Question(s) On 9/20/2018 12:58, Jim Lawrence wrote: > Hi Arthur: > > A number of years ago, I build an interactive WP site and used it for a number of years: "SeriousArt.com" but it started getting hacked and even though my SiL and I spent weeks trying to find how the hackers were getting in, unless we set the system to read-only there was no way to stop them. > > It was discovered to be a serious zero-day flaw in the PHP code design ... and some such are still there, https://thehackernews.com/2016/12/php-7-update.html. PB ----- > so unless we wanted to re-write the system we were out-of-luck so until the WP design team resolved the issues there was little we could do. The WP team was restrained from fixing the errors quickly as such a change would disable a major portion of the third-party plugins. Our site was setup so Maria could manage a group of musicians and poets for a book she was creating and as the book was completed, we decided the simplest solution was to delete the site and remove the domain. I understand that the hosting giant GoDaddy now owns the domain. > > Supposedly, the core errors have since been resolved but my venture into the world of WP blogs did not end on a high note. It should also be noted that most of the third-party two-factor authentication login scripts are flawed so care should be taken when deciding login solutions or plugin...but I had built our own site and was hosting it. > > OTOH, if you are only sponsoring a private blog and you change the default WP address/URL, it would be unlikely that any site scanner would discover your private blog. There are also numerous companies along with hosting WP sites, have a number of great templates that fit ninety percent of the needs of most users and with a little graphic, cosmetic and scripting work, a perfect site can be run up with little effort and little expense. > > Jim > > ----- Original Message ----- > From: "Arthur Fuller" > To: "Discussion of Hardware and Software issues" > Sent: Thursday, September 20, 2018 4:46:52 AM > Subject: Re: [dba-Tech] WordPress Question(s) > > Stuart, > > You are quire right. I used the WordPress "Start a blog" button. Perhaps I > should forget about that approach and instead do a regular installation? > > On Wed, Sep 19, 2018 at 9:09 PM Stuart McLachlan > wrote: > >> It sounded as thought Arther was not *installng* Wordpress. He apparently >> has created a >> number of Wordpress.com hosted sites. >> >> On 19 Sep 2018 at 8:44, Jim Lawrence wrote: >> >>> Hi Arthur: >>> >>> The questions you are asking could fill a book but... >>> >>> If you want to have a operational Word Press and you haven't installed >>> it before or not for a long time, I would search out a step by step >>> installation guide, follow it and get a basic instance running before >>> getting fancy. >>> >>> Every new install should over-right previously failed installs so that >>> shouldn't be a problem. If your WP, is going to be a forward facing >>> application, with input fields, check out a security guide as there >>> are so many "holes" a scrip kiddie can hack or more accurately walk >>> through. >>> >>> After, everything has been tested then you can start coding in or >>> downloading various GUI layouts along their associated features. >>> > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From stuart at lexacorp.com.pg Fri Sep 21 18:13:42 2018 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Sat, 22 Sep 2018 09:13:42 +1000 Subject: [dba-Tech] WordPress Question(s) In-Reply-To: <1970598156.506931058.1537512761935.JavaMail.zimbra@shaw.ca> References: , <39d1924b-724c-4729-6278-c1bdec143fac@earthlink.net>, <1970598156.506931058.1537512761935.JavaMail.zimbra@shaw.ca> Message-ID: <5BA57B26.10480.E7B86B8@stuart.lexacorp.com.pg> Yeah, right! :) https://www.theregister.co.uk/2018/09/21/wordpress_flaws_attacked/ On 21 Sep 2018 at 0:52, Jim Lawrence wrote: > There may still be some active zero day bugs in the WP system but the > article you presented was from 2016, so hopefully things have improved > in two years. > > Jim > > From stuart at lexacorp.com.pg Fri Sep 21 18:15:13 2018 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Sat, 22 Sep 2018 09:15:13 +1000 Subject: [dba-Tech] WordPress Question(s) In-Reply-To: <1970598156.506931058.1537512761935.JavaMail.zimbra@shaw.ca> References: , <39d1924b-724c-4729-6278-c1bdec143fac@earthlink.net>, <1970598156.506931058.1537512761935.JavaMail.zimbra@shaw.ca> Message-ID: <5BA57B81.12488.E7CEB63@stuart.lexacorp.com.pg> >From the comemts section of the Reg article I just linked: Wordpress........ the New Adobe flash. :-) On 21 Sep 2018 at 0:52, Jim Lawrence wrote: > There may still be some active zero day bugs in the WP system but the > article you presented was from 2016, so hopefully things have improved > in two years. > > Jim > From peter.brawley at earthlink.net Sat Sep 22 11:28:19 2018 From: peter.brawley at earthlink.net (Peter Brawley) Date: Sat, 22 Sep 2018 11:28:19 -0500 Subject: [dba-Tech] WordPress Question(s) In-Reply-To: <1970598156.506931058.1537512761935.JavaMail.zimbra@shaw.ca> References: <1720801223.496081924.1537368248666.JavaMail.zimbra@shaw.ca> <5BA2BACD.24096.3BC2CAE@stuart.lexacorp.com.pg> <2022756571.503492393.1537466309664.JavaMail.zimbra@shaw.ca> <39d1924b-724c-4729-6278-c1bdec143fac@earthlink.net> <1970598156.506931058.1537512761935.JavaMail.zimbra@shaw.ca> Message-ID: <1a5c6894-bb86-8743-4d4a-992da6bc871e@earthlink.net> Jim, On 9/21/2018 1:52, Jim Lawrence wrote: > There may still be some active zero day bugs in the WP system but the article you presented was from 2016, so hopefully things have improved in two years. As Stuart's link (https://www.theregister.co.uk/2018/09/21/wordpress_flaws_attacked/) illustrates, scammers & hackers rely on such hopefulness, with much success. PHP release x.y+1 may plug vulnerabilities in PHP x.y, but PHP x.y wo't disappear. Many hosting providers offer PHP version choice, sometimes back to 4.x. WP is often used mainly because the user thinks she has better things to do than attend to low-level details like PHP version upgrades. Indeed that fact contributes to WP being an attractive target for hackers. PB > > Jim > > ----- Original Message ----- > From: "peter brawley" > To: "Discussion of Hardware and Software issues" > Sent: Thursday, September 20, 2018 5:43:48 PM > Subject: Re: [dba-Tech] WordPress Question(s) > > On 9/20/2018 12:58, Jim Lawrence wrote: >> Hi Arthur: >> >> A number of years ago, I build an interactive WP site and used it for a number of years: "SeriousArt.com" but it started getting hacked and even though my SiL and I spent weeks trying to find how the hackers were getting in, unless we set the system to read-only there was no way to stop them. >> >> It was discovered to be a serious zero-day flaw in the PHP code design > ... and some such are still there, > https://thehackernews.com/2016/12/php-7-update.html. > > PB > > ----- > >> so unless we wanted to re-write the system we were out-of-luck so until the WP design team resolved the issues there was little we could do. The WP team was restrained from fixing the errors quickly as such a change would disable a major portion of the third-party plugins. Our site was setup so Maria could manage a group of musicians and poets for a book she was creating and as the book was completed, we decided the simplest solution was to delete the site and remove the domain. I understand that the hosting giant GoDaddy now owns the domain. >> >> Supposedly, the core errors have since been resolved but my venture into the world of WP blogs did not end on a high note. It should also be noted that most of the third-party two-factor authentication login scripts are flawed so care should be taken when deciding login solutions or plugin...but I had built our own site and was hosting it. >> >> OTOH, if you are only sponsoring a private blog and you change the default WP address/URL, it would be unlikely that any site scanner would discover your private blog. There are also numerous companies along with hosting WP sites, have a number of great templates that fit ninety percent of the needs of most users and with a little graphic, cosmetic and scripting work, a perfect site can be run up with little effort and little expense. >> >> Jim >> >> ----- Original Message ----- >> From: "Arthur Fuller" >> To: "Discussion of Hardware and Software issues" >> Sent: Thursday, September 20, 2018 4:46:52 AM >> Subject: Re: [dba-Tech] WordPress Question(s) >> >> Stuart, >> >> You are quire right. I used the WordPress "Start a blog" button. Perhaps I >> should forget about that approach and instead do a regular installation? >> >> On Wed, Sep 19, 2018 at 9:09 PM Stuart McLachlan >> wrote: >> >>> It sounded as thought Arther was not *installng* Wordpress. He apparently >>> has created a >>> number of Wordpress.com hosted sites. >>> >>> On 19 Sep 2018 at 8:44, Jim Lawrence wrote: >>> >>>> Hi Arthur: >>>> >>>> The questions you are asking could fill a book but... >>>> >>>> If you want to have a operational Word Press and you haven't installed >>>> it before or not for a long time, I would search out a step by step >>>> installation guide, follow it and get a basic instance running before >>>> getting fancy. >>>> >>>> Every new install should over-right previously failed installs so that >>>> shouldn't be a problem. If your WP, is going to be a forward facing >>>> application, with input fields, check out a security guide as there >>>> are so many "holes" a scrip kiddie can hack or more accurately walk >>>> through. >>>> >>>> After, everything has been tested then you can start coding in or >>>> downloading various GUI layouts along their associated features. >>>> >> _______________________________________________ >> dba-Tech mailing list >> dba-Tech at databaseadvisors.com >> http://databaseadvisors.com/mailman/listinfo/dba-tech >> Website: http://www.databaseadvisors.com >> _______________________________________________ >> dba-Tech mailing list >> dba-Tech at databaseadvisors.com >> http://databaseadvisors.com/mailman/listinfo/dba-tech >> Website: http://www.databaseadvisors.com >> > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > From peter.brawley at earthlink.net Sat Sep 22 11:34:57 2018 From: peter.brawley at earthlink.net (Peter Brawley) Date: Sat, 22 Sep 2018 11:34:57 -0500 Subject: [dba-Tech] backup, backup, backup Message-ID: <85a7c23c-48ac-51c0-b896-e80c7ddd87b6@earthlink.net> If you rely on hosting provider backups, think again. I got the email quoted below from a hosting provider with a good reputation that I use as a backup provider ... PB /While I was hoping to save some of this for the official RFO [Reason For Outage] - enough people are getting tremendously upset over this that I'm going to spell out what I can now - keeping in mind that I will provide more details when I can.// // //**What happened?**// // //First and foremost - this failure is not something that we planned on or expected.? A server administrator, the most experienced administrator we have, made a big mistake.? During some routine maintenance where they were supposed to perform a _file system trim_ they mistakenly performed a _block discard_.// // //**What does this mean?**// // //The server administrator essentially told our storage platform to drop all data rather than simply dropping data that had been marked as _deleted_ by our servers.// // //**Why is restoration taking so long?**// // //Initially we believed that only the primary operating system partition of the servers was damaged - so we worked to bring new machines online to connect to our storage to bring accounts back online.? Had our initial belief been correct - we'd have been back online in a few hours at most.// // //As it turns out our local data was corrupted beyond repair - to the point that we could not even mount the file systems to attempt data recovery.// // //Normally we would rely on snapshots in our storage platform - simply mounting a snapshot from prior to the incident and booting servers back up.? It would have taken minutes - if maybe an hour. We are not sure as of yet, and will need to investigate, but snapshots were disabled.? I wish I could tell you why - and I wish I knew why - but we don't know yet and will have to look into it.// // //We are working to restore cPanel backups from our off-site backup server in Phoenix Arizona.? While you would think the distance and connectivity was the issue - the real issue is the amount of I/O that backup server has available to it.? While it is a robust server with 24 drives - it can only read so much data so fast.? As these are high capacity spinning drives - they have limits on speed.// // //Our disaster recovery server is our **last resort** to restore client data and, as it stands, is the _only_ copy we have remaining of all client data - except that which has already been restored which is back to being stored in triplicate.// // //**What will you do to prevent this in the future?**// // //We have, as we've been working on this and running into issues getting things back online quickly, discussing what changes we need to make to ensure that this both doesn't happen again as well as that we can restore quicker in the future should the need arise.? I will go into more detail about this once we are back online.// // //**We are sorry - we don't want you to be offline any more than you do.**// // //Personally I'm not going to be getting any sleep until every customer affected by this is back online.? I wish I could snap my fingers and have everybody back online or that I could go into the past and make a couple of _minor_ changes that would have prevented this.? I do wish, now that this has happened, that there was a quick and easy solution.// // //I understand you're upset / mad / angry / frustrated. Believe me - I am sitting here listening to each and every one of you about how upset you are - I know you're upset and I am sorry. We're human - and we make mistakes.? In this case **thankfully** we do have a last resort disaster recovery that we can pull data from.? There are _many_ providers that, having faced this many failures - a perfect storm so to speak - would have simply lost your data entirely.// // //This is the **first** major outage we've had in over a decade and while this is definitely major - our servers are online and we are actively working as quickly as possible to get all accounts restored and back online.? For clarity - the bottleneck here is not a staffing issue.? We evaluated numerous options to speed up the process and unfortunately short of copying the data off to faster disks - which we did try - there's nothing we can do to speed this up.? The process of copying the data off to faster disks was going to take just as long, if not longer, than the restoration process is taking on it's own.// // //Once everybody is back online - and there are accounts coming online every minute - we will be performing a complete post-mortem on this and will be writing a clear and transparent Reason For Outage [RFO] which we will be making available to all clients.// // //I hope that you understand that while this restoration process is ongoing there really isn't much to report beyond, "Accounts are still being restored as quickly as possible."? I wish there was some interesting update I could provide you like, "Suddenly things have sped up 100x!" but that's not the case.// // //I am personally doing my best to reach out to clients that have opened tickets are updated as to when their accounts are in the active restoration queue.? While we do have thousands of accounts to restore - our disaster recovery system actually transfers data substantially faster with fewer simultaneous transfers.? While it sounds counter-intuitive - we're actively watching the restoration processes and balancing the number of accounts being restored at once against the performance of the disaster recovery system to get as many people back online as quickly as possible.// // //Most sites are coming back online after restoration without issues, however, if once your account is restored you are still having issues - we are here to help.? While we are quite overwhelmed by tickets like, "WHY IS THIS NOT UP YET!?!?!"? "WHY ARE YOU DOWN SO LONG!?!??!!"? "FIX THIS NOWWWW!" - we are still trying to wade through all of that to help those that have come back online and are having issues - as few and far between as it has been.// // //If you have any questions - we will definitely answer them - but please understand that while we're restoring accounts we're really trying to focus on the restoration of services as well as resolving issues for those that are already resolved.// // //Again - I am sorry for the trouble this is causing you - we definitely don't want you offline any more than you do and will have all services restored as quickly as we can.// // //Sincerely,// / From stuart at lexacorp.com.pg Sat Sep 22 15:44:13 2018 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Sun, 23 Sep 2018 06:44:13 +1000 Subject: [dba-Tech] WordPress Question(s) In-Reply-To: <1a5c6894-bb86-8743-4d4a-992da6bc871e@earthlink.net> References: , <1970598156.506931058.1537512761935.JavaMail.zimbra@shaw.ca>, <1a5c6894-bb86-8743-4d4a-992da6bc871e@earthlink.net> Message-ID: <5BA6A99D.32153.131906A8@stuart.lexacorp.com.pg> In my case, PHP 5.2, 5.3, 5.4, 5.5, 5.6, 7.0, 7.1, 7.2 are all options on the web server. (I generally use 5.6) On 22 Sep 2018 at 11:28, Peter Brawley wrote: > Jim, > > On 9/21/2018 1:52, Jim Lawrence wrote: > > There may still be some active zero day bugs in the WP system but > > the article you presented was from 2016, so hopefully things have > > improved in two years. > > As Stuart's link > (https://www.theregister.co.uk/2018/09/21/wordpress_flaws_attacked/) > illustrates, scammers & hackers rely on such hopefulness, with much > success. > > PHP release x.y+1 may plug vulnerabilities in PHP x.y, but PHP x.y > wo't disappear. Many hosting providers offer PHP version choice, > sometimes back to 4.x. WP is often used mainly because the user thinks > she has better things to do than attend to low-level details like PHP > version upgrades. Indeed that fact contributes to WP being an > attractive target for hackers. > > PB > From stuart at lexacorp.com.pg Sat Sep 22 15:45:17 2018 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Sun, 23 Sep 2018 06:45:17 +1000 Subject: [dba-Tech] backup, backup, backup In-Reply-To: <85a7c23c-48ac-51c0-b896-e80c7ddd87b6@earthlink.net> References: <85a7c23c-48ac-51c0-b896-e80c7ddd87b6@earthlink.net> Message-ID: <5BA6A9DD.18551.131A01B9@stuart.lexacorp.com.pg> Ouch! On 22 Sep 2018 at 11:34, Peter Brawley wrote: > If you rely on hosting provider backups, think again. I got the email > quoted below from a hosting provider with a good reputation that I use > as a backup provider ... > ... From accessd at shaw.ca Sun Sep 23 23:34:49 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Sun, 23 Sep 2018 22:34:49 -0600 (MDT) Subject: [dba-Tech] WordPress Question(s) In-Reply-To: <5BA57B26.10480.E7B86B8@stuart.lexacorp.com.pg> References: <39d1924b-724c-4729-6278-c1bdec143fac@earthlink.net> <1970598156.506931058.1537512761935.JavaMail.zimbra@shaw.ca> <5BA57B26.10480.E7B86B8@stuart.lexacorp.com.pg> Message-ID: <903669302.523548290.1537763689180.JavaMail.zimbra@shaw.ca> As long a potential hacks can be configured out or coded around... Jim ----- Original Message ----- From: "stuart" To: "Discussion of Hardware and Software issues" Sent: Friday, September 21, 2018 4:13:42 PM Subject: Re: [dba-Tech] WordPress Question(s) Yeah, right! :) https://www.theregister.co.uk/2018/09/21/wordpress_flaws_attacked/ On 21 Sep 2018 at 0:52, Jim Lawrence wrote: > There may still be some active zero day bugs in the WP system but the > article you presented was from 2016, so hopefully things have improved > in two years. > > Jim > > _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From accessd at shaw.ca Sun Sep 23 23:42:39 2018 From: accessd at shaw.ca (Jim Lawrence) Date: Sun, 23 Sep 2018 22:42:39 -0600 (MDT) Subject: [dba-Tech] WordPress Question(s) In-Reply-To: <5BA57B81.12488.E7CEB63@stuart.lexacorp.com.pg> References: <39d1924b-724c-4729-6278-c1bdec143fac@earthlink.net> <1970598156.506931058.1537512761935.JavaMail.zimbra@shaw.ca> <5BA57B81.12488.E7CEB63@stuart.lexacorp.com.pg> Message-ID: <531110748.523569098.1537764159751.JavaMail.zimbra@shaw.ca> Send me a link if you get a chance...I would like to read through it. Bryan has new business site written on WP. We could use https://sites.google.com from which to write our websites...though I hate the thought of it. The google sites use their Google spreadsheet app to hold the BE data so complexity and data volume is limited.,,something like a MS Access Database. ;-) Jim ----- Original Message ----- From: "stuart" To: "Discussion of Hardware and Software issues" Sent: Friday, September 21, 2018 4:15:13 PM Subject: Re: [dba-Tech] WordPress Question(s) >From the comemts section of the Reg article I just linked: Wordpress........ the New Adobe flash. :-) On 21 Sep 2018 at 0:52, Jim Lawrence wrote: > There may still be some active zero day bugs in the WP system but the > article you presented was from 2016, so hopefully things have improved > in two years. > > Jim > _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From jbartow at winhaven.net Thu Sep 27 16:12:47 2018 From: jbartow at winhaven.net (John Bartow) Date: Thu, 27 Sep 2018 21:12:47 +0000 Subject: [dba-Tech] backup, backup, backup In-Reply-To: <85a7c23c-48ac-51c0-b896-e80c7ddd87b6@earthlink.net> References: <85a7c23c-48ac-51c0-b896-e80c7ddd87b6@earthlink.net> Message-ID: wow -----Original Message----- From: dba-Tech On Behalf Of Peter Brawley Sent: Saturday, September 22, 2018 11:35 AM To: Discussion of Hardware and Software issues Subject: [dba-Tech] backup, backup, backup If you rely on hosting provider backups, think again. I got the email quoted below from a hosting provider with a good reputation that I use as a backup provider ... PB /While I was hoping to save some of this for the official RFO [Reason For Outage] - enough people are getting tremendously upset over this that I'm going to spell out what I can now - keeping in mind that I will provide more details when I can.// // //**What happened?**// // //First and foremost - this failure is not something that we planned on or expected.? A server administrator, the most experienced administrator we have, made a big mistake.? During some routine maintenance where they were supposed to perform a _file system trim_ they mistakenly performed a _block discard_.// // //**What does this mean?**// // //The server administrator essentially told our storage platform to drop all data rather than simply dropping data that had been marked as _deleted_ by our servers.// // //**Why is restoration taking so long?**// // //Initially we believed that only the primary operating system partition of the servers was damaged - so we worked to bring new machines online to connect to our storage to bring accounts back online.? Had our initial belief been correct - we'd have been back online in a few hours at most.// // //As it turns out our local data was corrupted beyond repair - to the point that we could not even mount the file systems to attempt data recovery.// // //Normally we would rely on snapshots in our storage platform - simply mounting a snapshot from prior to the incident and booting servers back up.? It would have taken minutes - if maybe an hour. We are not sure as of yet, and will need to investigate, but snapshots were disabled.? I wish I could tell you why - and I wish I knew why - but we don't know yet and will have to look into it.// // //We are working to restore cPanel backups from our off-site backup server in Phoenix Arizona.? While you would think the distance and connectivity was the issue - the real issue is the amount of I/O that backup server has available to it.? While it is a robust server with 24 drives - it can only read so much data so fast.? As these are high capacity spinn ing drives - they have limits on speed.// // //Our disaster recovery server is our **last resort** to restore client data and, as it stands, is the _only_ copy we have remaining of all client data - except that which has already been restored which is back to being stored in triplicate.// // //**What will you do to prevent this in the future?**// // //We have, as we've been working on this and running into issues getting things back online quickly, discussing what changes we need to make to ensure that this both doesn't happen again as well as that we can restore quicker in the future should the need arise.? I will go into more detail about this once we are back online.// // //**We are sorry - we don't want you to be offline any more than you do.**// // //Personally I'm not going to be getting any sleep until every customer affected by this is back online.? I wish I could snap my fingers and have everybody back online or that I could go into the past and make a couple of _minor_ changes that would have prevented this.? I do wish, now that this has happened, that there was a quick and easy solution.// // //I understand you're upset / mad / angry / frustrated. Believe me - I am sitting here listening to each and every one of you about how upset you are - I know you're upset and I am sorry. We're human - and we make mistakes.? In this case **thankfully** we do have a last resort disaster recovery that we can pull data from.? There are _many_ providers that, having faced this many failures - a perfect storm so to speak - would have simply lost your data entirely.// // //This is the **first** major outage we've had in over a decade and while this is definitely major - our servers are online and we are actively working as quickly as possible to get all accounts restored and back online.? For clarity - the bottleneck here is not a staffing issue.? We evaluated numerous options to speed up the process and unfortunately short of copying the data off to faster disks - which we did try - there's nothing we can do to speed this up.? The process of copying the data off to faster disks was going to take just as long, if not longer, than the restoration process is taking on it's own.// // //Once everybody is back online - and there are accounts coming online every minute - we will be performing a complete post-mortem on this and will be writing a clear and transparent Reason For Outage [RFO] which we will be making available to all clients.// // //I hope that you understand that while this restoration process is ongoing there really isn't much to report beyond, "Accounts are still being restored as quickly as possible."? I wish there was some interesting update I could provide you like, "Suddenly things have sped up 100x!" but that's not the case.// // //I am personally doing my best to reach out to clients that have opened tickets are updated as to when their accounts are in the active restoration queue.? While we do have thousands of accounts to restore - our disaster recovery system actually transfers data substantially faster with fewer simultaneous transfers.? While it sounds counter-intuitive - we're actively watching the restoration processes and balancing the number of accounts being restored at once against the performance of the disaster recovery system to get as many people back online as quickly as possible.// // //Most sites are coming back online after restoration without issues, however, if once your account is restored you are still having issues - we are here to help.? While we are quite overwhelmed by tickets like, "WHY IS THIS NOT UP YET!?!?!"? "WHY ARE YOU DOWN SO LONG!?!??!!"? "FIX THIS NOWWWW!" - we are still trying to wade through all of that to help those that have come back online and are having issues - as few and far between as it has been.// // //If you have any questions - we will definitely answer them - but please understand that while we're restoring accounts we're really trying to focus on the restoration of services as well as resolving issues for those that are already resolved.// // //A gain - I am sorry for the trouble this is causing you - we definitely don't want you offline any more than you do and will have all services restored as quickly as we can.// // //Sincerely,// / _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From rockysmolin at bchacc.com Thu Sep 27 17:03:39 2018 From: rockysmolin at bchacc.com (Rocky Smolin) Date: Thu, 27 Sep 2018 15:03:39 -0700 Subject: [dba-Tech] backup, backup, backup In-Reply-To: References: <85a7c23c-48ac-51c0-b896-e80c7ddd87b6@earthlink.net> Message-ID: <025101d456ad$f2639350$d72ab9f0$@bchacc.com> Is this company just providing off site backup or are clients using them as a cloud provider doing transactions on live data? r -----Original Message----- From: dba-Tech [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of John Bartow Sent: Thursday, September 27, 2018 2:13 PM To: Discussion of Hardware and Software issues Subject: Re: [dba-Tech] backup, backup, backup wow -----Original Message----- From: dba-Tech On Behalf Of Peter Brawley Sent: Saturday, September 22, 2018 11:35 AM To: Discussion of Hardware and Software issues Subject: [dba-Tech] backup, backup, backup If you rely on hosting provider backups, think again. I got the email quoted below from a hosting provider with a good reputation that I use as a backup provider ... PB /While I was hoping to save some of this for the official RFO [Reason For Outage] - enough people are getting tremendously upset over this that I'm going to spell out what I can now - keeping in mind that I will provide more details when I can.// // //**What happened?**// // //First and foremost - this failure is not something that we planned on or expected. A server administrator, the most experienced administrator we have, made a big mistake. During some routine maintenance where they were supposed to perform a _file system trim_ they mistakenly performed a _block discard_.// // //**What does this mean?**// // //The server administrator essentially told our storage platform to drop all data rather than simply dropping data that had been marked as _deleted_ by our servers.// // //**Why is restoration taking so long?**// // //Initially we believed that only the primary operating system partition of the servers was damaged - so we worked to bring new machines online to connect to our storage to bring accounts back online. Had our initial belief been correct - we'd have been back online in a few hours at most.// // //As it turns out our local data was corrupted beyond repair - to the point that we could not even mount the file systems to attempt data recovery.// // //Normally we would rely on snapshots in our storage platform - simply mounting a snapshot from prior to the incident and booting servers back up. It would have taken minutes - if maybe an hour. We are not sure as of yet, and will need to investigate, but snapshots were disabled. I wish I could tell you why - and I wish I knew why - but we don't know yet and will have to look into it.// // //We are working to restore cPanel backups from our off-site backup server in Phoenix Arizona. While you would think the distance and connectivity was the issue - the real issue is the amount of I/O that backup server has available to it. While it is a robust server with 24 drives - it can only read so much data so fast. As these are high capacity spinn ing drives - they have limits on speed.// // //Our disaster recovery server is our **last resort** to restore client data and, as it stands, is the _only_ copy we have remaining of all client data - except that which has already been restored which is back to being stored in triplicate.// // //**What will you do to prevent this in the future?**// // //We have, as we've been working on this and running into issues getting things back online quickly, discussing what changes we need to make to ensure that this both doesn't happen again as well as that we can restore quicker in the future should the need arise. I will go into more detail about this once we are back online.// // //**We are sorry - we don't want you to be offline any more than you do.**// // //Personally I'm not going to be getting any sleep until every customer affected by this is back online. I wish I could snap my fingers and have everybody back online or that I could go into the past and make a couple of _minor_ changes that would have prevented this. I do wish, now that this has happened, that there was a quick and easy solution.// // //I understand you're upset / mad / angry / frustrated. Believe me - I am sitting here listening to each and every one of you about how upset you are - I know you're upset and I am sorry. We're human - and we make mistakes. In this case **thankfully** we do have a last resort disaster recovery that we can pull data from. There are _many_ providers that, having faced this many failures - a perfect storm so to speak - would have simply lost your data entirely.// // //This is the **first** major outage we've had in over a decade and while this is definitely major - our servers are online and we are actively working as quickly as possible to get all accounts restored and back online. For clarity - the bottleneck here is not a staffing issue. We evaluated numerous options to speed up the process and unfortunately short of copying the data off to faster disks - which we did try - there's nothing we can do to speed this up. The process of copying the data off to faster disks was going to take just as long, if not longer, than the restoration process is taking on it's own.// // //Once everybody is back online - and there are accounts coming online every minute - we will be performing a complete post-mortem on this and will be writing a clear and transparent Reason For Outage [RFO] which we will be making available to all clients.// // //I hope that you understand that while this restoration process is ongoing there really isn't much to report beyond, "Accounts are still being restored as quickly as possible." I wish there was some interesting update I could provide you like, "Suddenly things have sped up 100x!" but that's not the case.// // //I am personally doing my best to reach out to clients that have opened tickets are updated as to when their accounts are in the active restoration queue. While we do have thousands of accounts to restore - our disaster recovery system actually transfers data substantially faster with fewer simultaneous transfers. While it sounds counter-intuitive - we're actively watching the restoration processes and balancing the number of accounts being restored at once against the performance of the disaster recovery system to get as many people back online as quickly as possible.// // //Most sites are coming back online after restoration without issues, however, if once your account is restored you are still having issues - we are here to help. While we are quite overwhelmed by tickets like, "WHY IS THIS NOT UP YET!?!?!" "WHY ARE YOU DOWN SO LONG!?!??!!" "FIX THIS NOWWWW!" - we are still trying to wade through all of that to help those that have come back online and are having issues - as few and far between as it has been.// // //If you have any questions - we will definitely answer them - but please understand that while we're restoring accounts we're really trying to focus on the restoration of services as well as resolving issues for those that are already resolved.// // //A gain - I am sorry for the trouble this is causing you - we definitely don't want you offline any more than you do and will have all services restored as quickly as we can.// // //Sincerely,// / _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com