For the last few days this site, The Work Life, has been undergoing a persistent attack. Every 30 seconds an attempt was being made on our WordPress administration page. The attack made no impact on the site but did turn up in our log files as an anomaly.
Yesterday I added a simple but effective second layer of protection to our site. I added HTTP authentication, rfc2617, to our login page.
Within minutes the attack stopped and has not returned.
If the attempts are no problem, why add the complexity of a second layer – and second set of credentials?
Every request for our administration page took time and resources to serve. Those resources are limited and count against our monthly allowances. By adding an immediate authentication requirement, malicious connections are limited. They are limited in the harm they can do and the resources needed to serve the initial request.
There are numerous approaches to adding additional security to WordPress. I was greatly tempted by fail2ban but could not justify the time to set up and test it. In the end a fairly trivial edit to
.htaccess was all that was needed.
It had been many years since I last visited Edinburgh. Whenever we mentioned our forthcoming visit to the city, we were met with fond memories and prompts of what to see and enjoy. Edinburgh has certainly cultivated happy memories for many of our friends.
Edinburgh is Scotland’s capital. A city dominated by its castle.
We only had a couple of days in the city but loved wandering around.
A busy wintery Princes Street
Looking over the glass roof of Waverley Train Station
Snowy hills in the distance
Close up of the snowy hills from Edinburgh Castle
Fairground ride in a Christmas market
Partially obscured sign to Carlton Hill Public Park
Carlton Hill Public Park
View back over Edinburgh from Carlton Hill Public Park
Monument to Greyfriars Bobby
We managed to see inside the Scottish parliament during a budget session. Sadly no photographs are allowed in the main chamber while the house is sitting.
The renovated National Museum of Scotland is worth visiting for the lobby alone.
National Museum of Scotland’s lobby
National Museum of Scotland’s lobby
Dolly the Sheep
Below the Edinburgh National Museum
Exhibit within National Museum of Scotland
We have recently added a new boardgame to our collection: Carcassonne.
I did a lot of research before choosing our first board game, Ticket to Ride Europe. During that research, I came across Carcassonne, and was very tempted by it. But, my motivation for buying a game came from the show TableTop, and I wanted to pick something we had seen. The show gives a really good idea of what a game is actually like.
So, I was excited when they recently played Carcassonne on TableTop. The game looked like fun, and we ordered it from Amazon soon after.
Carcassonne is very different to Ticket to Ride. It doesn’t have a board; you create the board as you go by laying down tiles. These tiles create a network of roads, towns, monasteries, and farms for you to control. We’ve only managed a couple of games so far, but I can see a lot of happy Sunday afternoons playing Carcassonne ahead.
Amazon links on this page help support running The Work Life.
We spent a couple of days in York on a recent trip to the UK. I didn’t know much about York, other than it is home to York Minster Cathedral. The cathedral was the impressive, imposing structure I expected it to be. But, more impressive were the walls that enclose the city and the gates that give access.
Micklegate, one of the gates giving access to the city
Turrets of Micklegate
The walls have been wonderfully preserved, and you can walk along the top of a large section of them. It was a novel way to see the city.
Walking path on the walls
Defensive positions are dotted along the walls
View of York Minster from the walls
I find my photos and projects in unexpected places. Most of the time it is harmless but occasionally it irritates.
If you are an organisation with a budget and staff, then I expect compensation for using my work. I also expect to be asked for permission to use my work; not only is it polite but my work is copyright. Not getting permission before you profit from another’s creative work is illegal in all but a few jurisdictions.
I do have open source projects you can build upon, expand, and share. Those are clearly marked.
Why mention this now? Another large UK newspaper used a photo without permission. They credited my name but did not ask permission or compensate me. And if I reproduce their work without permission – for profit? Would they remain silent?