I wonder what’s going on lately. Some bot-net is trying to brute force its way into my blog since a couple of days. Usually I couldn’t care less – I’m using a secure password and the default user is disabled. But it makes my security plugin flooding my inbox and I’m starting to get really annoyed by that.
Here is what I did to put an end to that. I added a few lines to the .htaccess to put an HTTP auth in front of the login and some more lines to deny access to the password file which lives in the document root so it is automatically included in the nightly backups:
# block distributed brute force attack
AuthName "Private access"
Require all denied
The attacker has quite a bit of resources at hand. So far I didn’t see any multiple occurrences of IP addresses in the logs.
In the second episode of my µC adventures I’m not losing any time and directly approach the thing that I started tinkering with electronics in the first place.
The device I’m going to build is supposed to measure the water level in out rain water tank. And of course the measured level needs to be submitted to a server on the Internet via WiFi which is the main reason why I’m using the ESP8266.
After browsing the Internet for a few minutes I figured the best way to go would be with using capacitance to measure the water level. I wanted to have high resolution so any solution that would involve using conductivity of the water (which I found used in quite a few project write-ups online) is out of the equation.
I created a small helper script that encapsulates API calls for simple snapshot management. This can be used in cron jobs to trigger snapshot creation and cleanup.
Keeping manually created snapshots is the least backup security one should have on top of automatically created snapshots as the latter type is deleted together with the instance. In case of unintentional deletion of an RDS instance automated snapshots are of no help to restore the data.
RDS-Snapshot on GitHub