Setting up Wifi for a Windows guest under VirtualBox

In the following video Erin demonstrates how to set up Wifi for a Windows guest under VirtualBox. 

When using a virtual machine under VirtualBox there can be issues with the guest operating system being unable to access a wireless network.  This tutorial shows how to solve this issue by creating an additional adapter and binding/attaching it to the NAT, followed by final configuration on the windows guest OS.


Killing a hung process from the Command Prompt

In the following demonstration Erin shows how to forcefully kill a process that is stuck in a stopping state.  In this video the printer spooler service is used as an example.

Key commands

tasklist – used to identify all running tasks and their associated PID numbers

taskkill /PID PIDNumber /f  – where PIDNumber is the process ID number identified. the /f forces the task to stop.


Enhance the security of your WordPress Admin portal with Cloudflare page rules

Cloudflare security levels

Cloudflare has a number of features that allow it to fend off attacks against the plague of bot nets crawling the internet.  These bots look for security vulnerabilities or attempt to deny service by simply overloading web hosts and servers, either knocking them off the internet completely or degrading their performance enough to slow them down and make them essentially unusable.

Brute force password hacking attempts are one such common attack and Cloudflare provide differing security levels in it’s options for your website.  Those security levels are essentially off, low, medium, high, and the ‘i’m under attack!’ mode.  In a recent attack observation I found that on free plans this ‘i’m under attack!’ mode is not engaged automatically (at least in one case) and requires someone to manually enable it for this to be effective.

So what does the ‘i’m under attack!’ mode do? Well, like the name suggests it is most appropriate for use when your website is under a DDoS or other attack.  Essentially it weeds out automated malicious bot traffic by testing to see if a visitor is a human or a machine.  One of the key ways it checks for this is by showing an interstitial page to all visitors and delays entry for around five seconds and checks the visitor for Javascript and cookie capabilities.  If the visitor has these disabled then the connecting machine is considered to be a bot and immediately blocked.  Exceptions are in place for search engines so they don’t get blocked due to this enhanced security.  In my limited testing with this mode enabled I have found it to be completely effective against brute force attempts on my login pages.  My usual server side logs that would show a multitude of login attempts are virtually empty with the blocking being performed at the edge prior to hitting my web server.

Page rules for the WordPress admin portal login pages 

The ‘i’m under attack!’ mode is highly effective and you can leave it on permanently across the board to protect an entire website.  However, this is going to delay visitor entry and will turn away a proportion of visitors that are simply not prepared to wait that five seconds for all security checks to be completed.  One train of thought would be to provide this protection only on the WordPress admin login pages.  These pages are a common target and could do with an extra layer of protection.  Cloudflare has the answer and it’s called Page Rules.  Cloudflare page rules let you manipulate incoming traffic to do a number of things such as enforce SSL, modify caching, or as we are looking at in this case change the security level.

Continue Reading