Responsive Theme, New Design

The time came to bite the bullet, to ford the stream, to jump the shark, to mangle the metaphor.  The time came to make my website look like something you’d expect from a professionally designed website.  I’d been puttting that off for a long time, but now it’s done.

The site’s theme is based on a free, fully responsive Drupal theme, Professional Theme.  The base theme was very close to my target. I made a few changes to the typography, substituting Open Sans for Droid Sans, modified some of the colors, and not much more.   This is an example of the efficiency that comes from leveraging the Drupal community.

What do you think? Seriously, I’d like to know.  Is the message clear? Is ithe site easy to read and navigate?  Do you sense any call to action?  Please use the comments feature to give me the good and bad.


Security is Local, the Bad Guys are Global

This server is a very small fish in a very big pond.  This morning, some guy in Vietnam (or some bot running through an IP address there) decided to see if it could hack in by throwing a lot of different login and overrun attempts at the web service.  I have a reasonable set of firewalls between the system and the ‘net, but when you have a web server, you have to keep that port open.  The solution requires real-time analysis and action based on the traffic coming in to the web server.  I’m a little guy and commercial software to do that is expensive.  But there’s a powerful, free, open source solution, OSSEC.

OSSEC is an intrusion detection system and, right out of the box (if it came in a box), it fields an impressive array of analytic tools. It’s default mode is “watch and notify”.  I’ve had it set up that way for several months — that’s how I knew about the attack coming from Vietnam.  After this morning’s event, I’ve changed the mode to “watch, notifiy, and respond”.  OSSEC now has the ability to (temporarily) modify system parameters.  In this specific case, it would have blocked access from the specific IP address(es) running the attack. 

My little server is plugged into a stream that leads to the entire world.  Just like the ecosystem of the Great Lakes is under threat from some fish that can swim up the Mississippi, that little stream both brings opportunity and danger.  It’s necessary to be ready to handle both.