View New Content

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

deadroot

Member Since 13 Jun 2018
Offline Last Active Feb 26 2022 06:57 AM

Find content

About Me

Project manager with strong product management and information security skills.

Community Stats

Group Members
Active Posts 13 ( per day)
Profile Views 4043
Member Title Newbie
Age Age Unknown
Birthday Birthday Unknown
Gender
Not Telling
Location
/
Interests
PM, InfoSec, DevOps

Contact Information

2 Neutral

Friends

Latest Visitors

energothemes
25 Feb 2022 - 16:26
KellyGHughes
22 Apr 2019 - 10:47
Anna2019
18 Feb 2019 - 21:43
donamha
20 Oct 2018 - 18:16
bridgetell
17 Oct 2018 - 09:59

Received

#346414 Attention Of Vivashop Theme Owners

Posted by deadroot on 25 February 2022 - 04:01 PM

Hello,

Thanks for your response. My name is Roman, and I'm CEO of asaplab.io. I have tried to contact you personally via Slack chat "CS-Cart development team" Feb, 16 9:40 PM UTC+4, and via your helpdesk system. Also, I have contacted Ilya Makarov and Alexey Maisuradze (official CS-Cart marketplace where your themes and add-ons, unfortunately, are not presented) for your contact details, and it does not give a result.

As you can see in our article, we have created a patch file, to mitigate human-based typos.

⚠️ We highly recommend using the patch https://github.com/a...sion_post.patch ⚠️

#308164 Good Vs Bad Bots

Posted by deadroot on 26 October 2018 - 01:25 PM

Yes, but this is not shopify. CS-Cart does not have bad bot protection.

MJ12bot ignores robots.txt You need to block it from your server.

if ($http_user_agent ~* (MJ12bot|...) ) {
    return 403;
}

But blocking by user agent(light-changeable) list is bullshit.

Here need a different approach like, which use web application firewalls (WAF) with analyzing of IP (who/from where), user behavior, type of requests, etc. Or using WAF like https://wallarm.com/ or https://aws.amazon.com/waf/, etc xD

#307823 Do You Use Control Panel To Manages Servers Yourself?

Posted by deadroot on 18 October 2018 - 03:08 PM

Anyway, when you control your system entirely and know what packages you use you can prevent this https://forum.vestac...tart=180#p73920

All VestaCP installations being attacked

And sure, by using panels, you don't get full control under your server. Or you will be not the only one xD

P.S. If you use VestaCP, update immediately!

#307346 Http-To-Https Migration Checklist

Posted by deadroot on 09 October 2018 - 09:11 AM

What are the benefits of moving the site completely to HTTPS? Won't the speed of the website get affected?

Also, using HTTPS allow using HTTP/2 protocol

HTTP/2 protocol is already significantly optimized compared to HTTP 1.1, and so a simple HTTP/2 implementation (enabling) can improve the performance of web servers. And disabling the extra tweaks that were used to speed up HTTP 1.1 will help take full advantage of HTTP/2.

Read more here

P.S. If you want, I can write some article about HTTP/2

Time Now: Jul 06 2022 06:52 PM

Community Forum Software by IP.Board