Blogs

We are pleased to announce the addition of LimeSurvey to our library of available applications. LimeSurvey is a popular open-source survey application. It overs a variety of useful features. And it supports over 30 languages. The LimeSurvey team has provided an online demo. You may also create fully installed instances of LimeSurvey using the WebEnabled platform.

Well it's good times for WebEnabled. We've released our new dashboard this week. Along with this we've fixed about 50 bugs that have been found (oops). As the platform matures over the next 6-8 months we plan to slow down development cycles and give more time for testing and QA. Because we are an agile team it is hard to resist the temptation to release new goodies to our users almost daily.

With our 0.85 release we have a completely revamped Dashboard for all of our users. With this new Dashboard we did the following among other things:

1. Full width: The previous Dashboard was fixed width and severely limited the space we had to place pertinent information in the hands of our users. This allowed us to add more information since most screens are at least 1024 pixels wide nowadays.

"Congressional Web Site Defacements Follow the State of the Union"
- Praetorian Prefect
An interesting problem, that we as the US have, is our denial of Cyberwar - while this post isn't exactly about that, it's close. Last night during or after the President's State of the Union Address, several congressional websites were hacked by Red Eye Crew - Why is this of interest? According to Praetorian Prefect, they were all running Joomla!

One of the defaced sites. Source: Praetorian Prefect

A partial list of defaced sites (49 in total again, all Joomla) are:

On 12/17/2008 around 7:00 PM EST (according to some reports) , Twitter.com was hacked by a group claiming to be the Iranian Cyber Army. The actual attack was a DNS Hijacking (or DNS Poisoning) that resulted in Twitter Users being directed to a page of their choosing.

This old school defacement actually was conducted by 'hijacking' the sites DNS - how they accomplished this is still unknown, the fact is they did. What exactly is a DNS Poisoning or Hijacking?

In a recent Darkreading.com (http://tinyurl.com/yls9s92) article, a hacker by the name Ne0h has exposed a flaw in the Pentagon's public website. Ne0h demonstrated this attack on his blog posting - http://tinyurl.com/ye5847b.

Why this is important is simply as a reminder that even sites with multibillion dollar budgets can have problems. In the case of the pentagon this XSS while somewhat just a demonstration, is important because a flaw was discovered, and surely will lead many more people to try to attack.

Good day and welcome to my blog courtesy of WebEnabled. I'm Tom Canavan, author of the book Joomla! Web Security and web security specialist.

In a recent survey by the Computer Security Institute (http://tinyurl.com/yju2qe6) they found that 43% of the attacks were malware based. Code clearly bent on the destruction of your site.

Additionally both organized crime and terrorists have jumped on the CyberCrime bandwagon (http://tinyurl.com/ydm7wd4).

We are proud to announce that we now have support for Pressflow, Open Publish, Tattler, and Open Atrium in our application library.

Users can now start their own application based on any of these within seconds from their WebEnabled dashboard. This saves our users the time required to download, read an install file, and figure out how to get any of these Drupal based applications running.

In addition these applications are integrated directly into the WebEnabled platform for easy collaboration and development.

Welcome back! WebEnabled has finally gotten it's new design and you're looking at it right now. Let's revisit a little history.

Back in January we started out with almost nothing. I went to Colorado for a month and worked with our founder Salim to build a marketplace. A month later we had a nice shiny design and a new development platform build around building and selling templates. Unfortunately we didn't have any developers.

The Free plan at WebEnabled now allows you to build and host your production websites. Start by setting up your Drupal/Joomla/WP/Magento site under your free account. Next, select "manage domains" from the info page and add your production URL. Change your DNS "A" and "@" records to point to the IP address on your info page. Here are a few things to remember:

• Please use this low-traffic websites only... please host your media and big files somewhere else
• We don't do DNS: use a registrar that gives you free DNS (like Godaddy)
• We don't do email: use google.com/a to setup your free email, the free google apps edition is still available at http://www.google.com/a/cpanel/domain/new

Have fun!
Salim.