We need to talk about security

We need to talk about security

Below is a brief summary of attempts to break in to OurLocality since April 17th 2015. That doesn’t include the multitude of attacks on the server, which happen every second of every day.

We try our best to keep you secure, but you can do your bit too to stop your site being abused.

  • Use difficult passwords that combine capital letters, numbers, nonsense words and special characters.
  • Chose an alias to publish in NOT your username
  • If you have comments on turn them off, globally
  • If you must have comments on, do so selectively and make sure you close them after a week or 2 max, automatically
  • Tune your comments moderation to the most aggressive setting that your users will tolerate (remember they hate spam too)
  • Always log out of your account and don’t share your account details
  • Delete or deactivate sites that you do not use or need
  • Don’t setup a site that you don’t intend to use
TypeNumber
Reported by Akismet15396
404 exploit attempt14924
bad or missing accept header26811
admin login attempt11316
bad or missing user agent5514
bad cache9920
known spam host55
block invalid ip31
long email1857
bbcode in request2
bad HTTP_REFERER1
Stop Forum Spam3102
spam words297
ubiquity servers46
Repeated hits85
Brazil107
China1001
Indonesia32
India37
Poland190
Russian Federation133