close

Slick­Stack

January 2025 promo! Join our Discord free of charge.

Slick­Stack
Lightning-fast WordPress on Nginx

can LittleBizzy “takeover” my SlickStack server remotely?

  • This topic is empty.
Viewing 13 posts - 1 through 13 (of 13 total)
  • Author
    Posts
  • #26940
    Patricia
    Guest

    because of recent events with WordPress.org and Automattic stealing the plugins from WP Engine I’m wondering if my SlickStack server is protected from any remote takeovers or hacking by LittleBizzy if they suddenly chose to do that.

    #26941
    Douglas
    Guest

    as in, hack into your server SSH/WP Admin?

    #26942
    Christopher
    Guest

    Yes technically LittleBizzy could maliciously alter the bash scripts hosted on GitHub and do things to hundreds of SlickStack servers if they wanted to but it would be publicly documented since all the SlickStack code is open source.

    If you are paranoid and want to turn off remote updates of bash scripts, you can simply remove the sections from the root crontab that you don’t want to run automatically.

    #26943
    Lori
    Guest

    If you are paranoid and want to turn off remote updates of bash scripts, you can simply remove the sections from the root crontab that you don’t want to run automatically.

    Or fork the scripts you want to run automatically and update the URLs in the root crontab or ss-functions so they pull from your own repo instead of ours.

    #26944
    Mark
    Guest
    #26945
    Walter
    Guest

    very interesting… theoretically which lines would I change

    #26947
    Sara
    Guest

    Little Bizzy can take me over anytime they want 🫦

    #26965
    Jacob
    Guest

    keep in mind that SlickStack.io and LittleBizzy.com also run on vanilla SlickStack directly from GitHub so any malicious code we might “add” to the codebase would also negatively affect our own websites and clients too.

    #26966
    Barbara
    Guest

    very interesting… theoretically which lines would I change

    remove this entire section from your root crontab, if you want to prevent GitHub / LittleBizzy from ever becoming supervillains and taking over your SlickStack server:

    ####################################################################################################
    #### E. Crontab: Self-Healing (Repairs Cron Jobs) ##################################################
    ####################################################################################################
    
    ## this will reinstall SlickStack cron job files in case they are missing or damaged ##
    ## it is not foolproof so running ss-install occassionally is recommended ##
    
    MAILTO=""
    
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/01-cron-minutely https://slick.fyi/crons/01-cron-minutely.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/02-cron-often https://slick.fyi/crons/02-cron-often.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/03-cron-regular https://slick.fyi/crons/03-cron-regular.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/04-cron-quarter-hourly https://slick.fyi/crons/04-cron-quarter-hourly.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/05-cron-half-hourly https://slick.fyi/crons/05-cron-half-hourly.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/06-cron-hourly https://slick.fyi/crons/06-cron-hourly.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/07-cron-quarter-daily https://slick.fyi/crons/07-cron-quarter-daily.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/08-cron-half-daily https://slick.fyi/crons/08-cron-half-daily.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/09-cron-daily https://slick.fyi/crons/09-cron-daily.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/10-cron-half-weekly https://slick.fyi/crons/10-cron-half-weekly.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/11-cron-weekly https://slick.fyi/crons/11-cron-weekly.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/12-cron-half-monthly https://slick.fyi/crons/12-cron-half-monthly.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/13-cron-monthly https://slick.fyi/crons/13-cron-monthly.txt' > /dev/null 2>&1
    47 */3 * * * /bin/bash -c 'sleep $((RANDOM % 300)) && wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/14-cron-sometimes https://slick.fyi/crons/14-cron-sometimes.txt' > /dev/null 2>&1
    53 */3 * * * /bin/bash -c 'chown root:root /var/www/crons/*cron*' > /dev/null 2>&1
    53 */3 * * * /bin/bash -c 'chown root:root /var/www/crons/custom/*cron*' > /dev/null 2>&1
    53 */3 * * * /bin/bash -c 'chmod 0700 /var/www/crons/*cron*' > /dev/null 2>&1
    53 */3 * * * /bin/bash -c 'chmod 0700 /var/www/crons/custom/*cron*' > /dev/null 2>&1
    
    ## new line to avoid conflicts ##
    #26969
    Alice
    Guest

    you could also prevent ss-check and ss-worker from ever running, since those 2 scripts also retrieve updates from GitHub.

    you would do that by editing your cron files under /var/www/crons/ and removing any instances from the cron job files that run those 2 scripts.

    for example:

    https://github.com/littlebizzy/slickstack/blob/master/crons/02-cron-often.txt

    ####################################################################################################
    #### C. 02-Cron-Often: Validate (Repair) SS-Check + SS-Worker ######################################
    ####################################################################################################
    
    ...

    and source "${PATH_SS_CHECK}" … instances, etc.

    #27099
    Alan
    Guest
    #27172
    Daniel
    Guest
    #27356
    Samantha
    Guest

    I blame Matt Mullenweg for you feeling you had to post something like this!!!

Viewing 13 posts - 1 through 13 (of 13 total)
Reply To: can LittleBizzy “takeover” my SlickStack server remotely?

Thanks to our generous sponsors for their support!