Due to DigitalOcean not releasing ready to use images for FreeBSD 13 at this time, and since I opened a ticket a couple of months ago without a strong positive message from DigitalOcean supporting FreeBSD 13, I’ve decided to make use of their custom image upload service and give it a go. I must say […]
How to upload a FreeBSD custom image on DigitalOcean
Lynis or how to quickly audit your system’s security configuration
A colleague of mine pointed me out to Lynis, a system’s configuration audit tool which checks the hardening of any running UNIX or UNIX-like system, including the BSDs. This tool has a built in check list and a set of sane and safe configurations and compares them to the target system. As output we find […]
How to install Fail2ban on FreeBSD
Fail2ban is a complementary tool to your firewall. It works by scanning log files and bans IPs which present suspicious activity such as failed logins. It is compatible with many UNIX-like systems and is a security tool to have in your arsenal. It can filter not only ssh logins, but other services too, for example […]
How to configure Modsecurity 3 for WordPress on FreeBSD
A few weeks ago I wrote a guide on how to install Modsecurity 3 on Apache HTTP for the FreeBSD operating system. However there’s a catch with that setting and with Modsecurity in general. As good as it is as a WAF you need to at least adjust its configuration to the tool one pretends […]
How to securely install WordPress on FreeBSD
If you have already read my guide on how to install WordPress on FreeBSD you will have been a bit disappointed since at the end there is a deceptive paragraph that reads as follows: Now be aware you will set a user name and password for your wordpress install. They will be sent in plain […]
How to patch OpenSSH in FreeBSD 12.2
The default version of OpenSSH in FreeBSD 12.2 today, and it’s been this for quite some time, is not the most recent published by the OpenBSD guys, which by the way are the ones developing OpenSSH. Not only is not the latest but it has a few vulnerabilities affecting it, medium risk ones but nevertheless […]
How to set Apache’s MPM Event and PHP-FPM on FreeBSD
As explained in another article the default Apache’s configuration at compile time sets its multi-processing module (MPM for short) to the pre-fork configuration setting. This is not the best performant configuration for Apache. Out of the box Apache comes compiled in its safest form, from the processing mode perspective since the pre-fork setting will open […]
How to install Apache in FreeBSD with ports
Or better said, how to install Apache the hard way. As mentioned before and many other times FreeBSD has two ways to install software. The easy one which is provided by the pkgng tool. And the not so easy one, ports. With ports you compile the programs and you can set the options the way […]
Symbolic and Hard Links in UNIX and Linux
Symbolic and Hard Links are useful ways to reference to information on a disk, both found in UNIX and Linux systems. While they seem similar in the surface they are quite different in how they work and it what can be achieved when using them. If you find the articles in Adminbyaccident.com useful to you, […]
How to detect a WAF – Web Application Firewall
From a penetration testing perspective to identify if a Web Application Firewall (WAF) is in place is essential. The next question is, does an administrator need to know this? My view is, anyone who is in charge of any system that has implemented some sort of WAF needs to verify this tool is working, at […]