Steve Madsen
Popular Sites with Apache mod_status Enabled

Earlier this week, Sucuri Security researcher Daniel Cid revealed that a very large number of popular sites expose their /server-status page to the world.

I was pretty sure the sites I run for myself and my customers were OK, but since paranoia is a good trait of a security-conscious techie, I double checked. Imagine my surprise when I found that one of my sites did the very same thing, as did one of my customer’s. Read More