Web web security Application - Alberto

[eldi]

Position: Web developer or Web security

Do you understand that Wildfire Games is a non-commercial project, work for 0 A.D. is volunteer, and work is done for free?
Yes

Do you agree to distribute all your work for Wildfire Games under Creative Commons Attribution Share-Alike license?
Yes

Name:Alberto Revilla
Email: alberto_revilla@outlook.es
Location: Spain
Availability: 57 hours / week
Age: 16 years
Occupation:Informatics pentester study and work in a company building websites . (this happens very occasionally take when making a website and usually Spend some time ) ( The time I think I can take this and I have taken off the question above "Availability")

Skills and experience

3 years finding and correcting vulnerabilities future vulnerabilities in major CMS and websites without CMS.
Knowledge of web language ( HTML , CSS and PHP).
Knowledge of Programming Game Maker games ( programming language : GML ) .
I have four years creating websites for personal use ( usually to manage databases) .
Native language Spanish .

Motivation:
I like and I enjoy , so I 'm still learning .
Personality:
Curious.

Short Essay:
How and when did you find out about Wildfire Games?:

1 week ago . Watching videos of a channel to which I subscribe.

What motivates you to be a part of the project? :I see future in this project and is a game that I love.

What do you seek to gain in being a part of Wildfire Games?: Experience, learn new things and have fun

Interests and Hobbies:
Software, Games for PC and Playstation 3, Football, The walking dead and The 100.

Favorite Game:
What's your favorite game at the moment?: Attila total war

What about your overall favorite?Medieval total war

Work Examples:
I can not show anything about the work I've done that I have permission from the company and is confidential and sensitive information but I can give some safety tips:

• Let not everyone can view the contents of robots.txt (Logs of IRC chat: http://wildfiregames.com/meetinglogs/)
• Always protect all directories, not half (http://wildfiregames.com/~art/history/carthaginians[CENSURED]) [You could put all the URL but it's clear this: DO NOT HOTLINK !! OUTSIDE OF WFG !!
  for staff only]
• Eliminate the readme.html (http://play0ad.com/readme.html)

Edited April 1, 2015 by eldi

[implodedok]

• Let not everyone can view the contents of robots.txt (Logs of IRC chat: http://wildfiregames.com/meetinglogs/)
• Always protect all directories, not half (http://wildfiregames.com/~art/history/carthaginians[CENSURED]) [You could put all the URL but it's clear this: DO NOT HOTLINK !! OUTSIDE OF WFG !!

  for staff only

  ]
• Eliminate the readme.html (http://play0ad.com/readme.html)

Hi eldi,

I think there's something you're not getting. Wildfire Games / 0 A.D. is an open organization, community-driven and open-source project. Almost everything involving the project is transparent and available to the public - on purpose.

We are aware that the meetinglogs are referenced in robots.txt. They are no secret. The meetings are held every sunday evening (GMT) in #0ad-staff on irc.quakenet.org and everyone is welcome to be there and contribute. The reason why they're in robots.txt is because we don't want gamers searching for details about 0 A.D. ending up there, because it's a developer resource.

The old art directories you mentioned are online for posterity and reference. Somehow they've also made it onto Google, which I guess shouldn't be the case. I bet the main reason why there's a notice about no hotlinking is because back then, the project wasn't open-source. Either that, or there's doubts about the copyrights of some of the images. Either way, it's also not a secret (else you probably wouldn't have found it so easily ;-)).

As for the Wordpress readme.html, that's also publicly available data, so nothing we care to hide. I know common advice is to delete it, to supposedly hide the version of Wordpress better, but this does not matter. Please see this page: http://www.wpwhitesecurity.com/wordpress-security/hide-wordpress-version-does-it-matter/

[eldi]

Hi eldi,

I think there's something you're not getting. Wildfire Games / 0 A.D. is an open organization, community-driven and open-source project. Almost everything involving the project is transparent and available to the public - on purpose.

We are aware that the meetinglogs are referenced in robots.txt. They are no secret. The meetings are held every sunday evening (GMT) in #0ad-staff on irc.quakenet.org and everyone is welcome to be there and contribute. The reason why they're in robots.txt is because we don't want gamers searching for details about 0 A.D. ending up there, because it's a developer resource.

The old art directories you mentioned are online for posterity and reference. Somehow they've also made it onto Google, which I guess shouldn't be the case. I bet the main reason why there's a notice about no hotlinking is because back then, the project wasn't open-source. Either that, or there's doubts about the copyrights of some of the images. Either way, it's also not a secret (else you probably wouldn't have found it so easily ;-)).

As for the Wordpress readme.html, that's also publicly available data, so nothing we care to hide. I know common advice is to delete it, to supposedly hide the version of Wordpress better, but this does not matter. Please see this page: http://www.wpwhitesecurity.com/wordpress-security/hide-wordpress-version-does-it-matter/

I spoke to him from my experience you can say or do what you want , I only tried to help.