The Benefits of Microcaching with NGINX

2015-12-19 KENNETH 0

NGINX and NGINX Plus are commonly used as web content caches, ranging from individual websites to some of the largest content delivery networks (CDNs) in the world, such as MaxCDN and CloudFlare. Microcaching is an effective method for accelerating the delivery of dynamic, non-personalized content by caching it for very short periods of time. In this article, we’ll see how to accelerate a WordPress-based application by up to 400x using the microcaching technique. Why Cache Content? The benefits of caching are two-fold: caching improves web performance by delivering content more quickly, and it reduces the load on the origin servers. The effectiveness of caching depends on the cacheability of the content. For how long can we store the content, how do we check for updates, and how many users can we send the same cached content to? Caching static content, such [ more… ]

No Image

XE 1.8.15 RELEASE

2015-12-18 KENNETH 0

출처 : https://www.xpressengine.com/devlog/23109961 다운로드 : https://www.xpressengine.com/index.php?mid=download&package_id=18325662 XE 1.8.15 버전이 릴리즈 되었습니다.   변경 내역 Secutiry #1813 레이아웃 미리보기 기능을 이용한 보안 취약점 고침 @bnu 한국인터넷진흥원에서 알려주셨습니다   Defect #1763 $GLOBALS[’HTTP_RAW_POST_DATA’] 버그 수정 @qkrcjfgus33 #1762 autoload 적용으로 필요없어진 상수 삭제 @qkrcjfgus33 #1735 getDbInfo -> getDBInfo @qkrcjfgus33 ~

No Image

BIND DNS 신규 취약점 보안 업데이트

2015-12-18 KENNETH 0

BIND DNS 신규 취약점 보안 업데이트   출처 : http://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=23846 □ 개요 o DNS 서비스를 위해 주로 이용하는 BIND DNS에 원격에서 서비스 거부를 발생시킬 수 있는 취약점이 발견 □ 설명 o 잘못된 클래스 속성 데이터를 응답 패킷에서 처리할 때 발생하는 서비스 거부 취약점(CVE-2015-8000) □ 영향 받는 소프트웨어 o BIND 9.0.x ~ 9.9.8 o BIND 9.10.0 ~ 9.10.3 □ 해결 방안 o BIND 9 버전 9.9.8-P2로 업데이트 o BIND 9 버전 9.10.3-P2로 업데이트 o BIND 9 버전 9.9.8-S3로 업데이트 □ 기타 문의사항 o 한국인터넷진흥원 인터넷침해대응센터: 국번없이 118 [참고사이트] – https://kb.isc.org/article/AA-01317 – http://www.isc.org/downloads/

No Image

USN-2845-1: SoS vulnerabilities

2015-12-18 KENNETH 0

Ubuntu Security Notice USN-2845-1 17th December, 2015 sosreport vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 15.04 Ubuntu 14.04 LTS Summary sosreport could be made to expose sensitive information or overwrite files as the administrator. Software description sosreport – Set of tools to gather troubleshooting data from a system Details Dolev Farhi discovered an information disclosure issue in SoS. If the/etc/fstab file contained passwords, the passwords were included in theSoS report. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-3925) Mateusz Guzik discovered that SoS incorrectly handled temporary files. Alocal attacker could possibly use this issue to overwrite arbitrary filesor gain access to temporary file contents containing sensitive systeminformation. (CVE-2015-7529) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: sosreport 3.2-2ubuntu1.1 Ubuntu 15.04: sosreport 3.2-2ubuntu0.1 [ more… ]