Giantpaper.org

Author: giantpaper

  • “I work at PetSmart. Ask me anything about our company, how we care for guinea pigs, or about guinea pigs in general.”

    Don’t buy animals at pet stores, folks.

  • Human name prejudice

    Human name prejudice

    I was on r/namenerds, and someone was asking “What do people mean when they say a name will sound “unprofessional” on a resume?” The answer? WELLLL….

    Comment
    byu/FriendAdditional from discussion
    innamenerds
    Comment
    byu/FriendAdditional from discussion
    innamenerds
    Comment
    byu/FriendAdditional from discussion
    innamenerds

    So…when HR managers pass over a resumé with a unique/”weird” sounding name—ex. Princess, Babygirl, etc, do they assume the person picked it themselves? Because 99.999999% (number I made up) of the time, they don’t. If anything, it’s more like poor judgement on the parents than the potential interviewee.

    Comment
    byu/FriendAdditional from discussion
    innamenerds
    Comment
    byu/FriendAdditional from discussion
    innamenerds

    And in some occasions, the name might seem “new” and “weird” but is probably an old, ethnic name.

    Comment
    byu/FriendAdditional from discussion
    innamenerds

    Right. You might not be able to take a surgeon named Buddy seriously. But when Buddy is the best surgeon in the facility and you need life-saving surgery ASAP, are you really going to reject him because he has a weird name??

    Comment
    byu/FriendAdditional from discussion
    innamenerds

    (Copypasted comment below:)

    Look at it this way:

    You are hiring a babysitter for your children. Are you more likely to choose Margaret or Crystal for the position? Assuming you haven’t met them, and are going off a similar resume of ‘no professional experience, but I have watched my younger sibling(s)!’

    You are choosing a doctor. Are you more likely to choose Dr. Jack Harrison, or Dr. Jadartha Agarwal

    Typically, people like names that are familiar to them. Even if you don’t care, others will let that subconscious bias influence them.

    u/Positive-Court

    You have to remember…most people don’t actually pick their own names.

    (Although I don’t understand the hate against Crystal. 🤷‍♀️)

    Also for some people, names are like our identities, so it’s not like we can just change it. (Heck, I hate my name, but I don’t think I could find one that sounds like “me”.)

  • “Activision Blizzard settles discrimination lawsuit for a fraction of its yearly earnings”

    Pfft, and here I was hoping this would hurt them a tiny bit, but nahhh.

  • Bot Fight Mode!

    Bot Fight Mode!

    Hey guys, remember this status where I mentioned GPORG’s 404 logs containing more traces of bots trying to find exploits than actual 404s?

    A few days ago, I found about 20+ 404s of very suspect URLs, from the same user agent, all within the span of a minute. And while this wasn’t the first time I found this many 404s from a single bot, it did make me think, hmmmmm, maybe I should think about doing something about these exploit finding bots?

    Disclaimer: I don’t work for Cloudflare and am not an affiliate. I’m just a happy user of their free plan.

    Then I remembered seeing something about a Bot Fight Mode in their settings somewhere.

    Firewall > Bots > check the box for Bot Fight Mode

    (There is a SUPER BOT FIGHT MODE, which I guess gives you control of how it fights bots? But I don’t know anything about it, since I’m only a free user and it’s not available to me.)

    So now my 404 logs are more like this:

    Notice that 8 hour gap in between the first two 404s??? 😱

    And in Cloudflare, Firewall > Overview:

    (There were 8 pages of this, btw. Most of them from the same bot.)

    So yeah, it’s working awesomely. 👍

    (And here, this is where I would mention alternatives for people who don’t use Cloudflare just to prove that I’m not trying to push people to sign up, but sadly, I don’t know of any. Sucuri, I guess?)

    Re: Country Blocking

    Also, on another note, notice that the country says United States? This is why I don’t believe in country blocking. Not only can the bad guys mask their location, folks from the “weird” countries (like Russia, China, India, etc) might be some normal people who just want to check out your site. And also, exploit finders can also legit be from the US (or Canada, or the UK, or Australia).

    Re: IP Address Blocking

    Folks might be wondering, why just not just block the IP address? IP addresses aren’t really that permanent:

    • They can change just by someone resetting the router.
    • Those of us privacy-minded folks who use VPNs, our IP addresses change whenever we connect to a server.
    • People who make it their life’s work to find exploits on people’s sites wouldn’t use a fixed IP address. So if I were block the one in the screenshot, it would work great for about a day (whenever bots switch IPs), then when the bot moves onto a new address, the old one (52.142.62.44) could end up with some poor shmoe, who is now blocked from my site even though they didn’t do anything wrong.

    For me, the answer to great WordPress security is:

    • using strong passwords (randomly generated 20+ character string of upper and lowercase letters, numbers and special characters) stored in a trusted password manager
    • 2FA if able
    • using reputable plugins and themes
    • removing unused plugins and themes
    • getting a good security plugin (I like WordFence, but I hear a lot of good things about Sucuri)

    ^Not a complete list, btw.

    – THE END –