As explained in another article the default Apache’s configuration at compile time sets its multi-processing module (MPM for short) to the pre-fork configuration setting. This is not the best performant configuration for Apache. Out of the box Apache comes compiled in its safest form, from the processing mode perspective since the pre-fork setting will open […]
How to set Apache’s MPM Event and PHP-FPM on FreeBSD
How to compile cloudflared in FreeBSD 13/14
I happen to self-host my websites using Cloudflare’s services (article 1, article 2). Since the FreeBSD port seems to be delaying its releases and Cloudflare’s policy on maintaining versions only considers 1 year old code, in an act of prevention I have learnt, and I am publishing, how to compile cloudflared in FreeBSD. Note: At […]
How to configure a Virtual Host in Apache
You may have just one website and that is ok. If that is your case you can avoid this entire chapter. But some of you may also have several websites. And quite probably you want to use one single public ip to resolve all the domains you have. The Apache documentation is the main resource […]
Web credentials stealing
The theft of credentials has been occurring since almost the beginning of time. But of course when the web ‘happened’ and specially when e-commerce exploded stealing passwords also went on the rise. Emptying bank accounts, ordering stuff on behalf (and expenses) of others, spying, even impersonation was and is achieved by stealing credentials. Luckily for […]
How to mitigate DoS attacks with mod_evasive on FreeBSD
Denial of Service attacks or the distributed version of them (DDoS) have been growing throughout the years with their ups and downs. In my view the only thing that will happen to them is even bigger growth. With the advent of IoT devices the next decade will see an increase in these kind of attacks. […]
How to replace a disk on a ZFS mirror pool
It’s happened to me, it’s happened to you, it’s happened more than one million times and it will still happen in the future. You run out of disk space or a disk fails. Nowadays you are using ZFS, and instead of having a fancy RAIDZ, because you still don’t need it, you are using a […]
How to use Fail2ban with WordPress
In a previous article we did an install of Fail2ban on a FreeBSD server. This tool can help us to protect our WordPress install, independatly from if we are using the FAMP stack or the LAMP stack. As I mentioned on that article Fail2ban is a complementary tool to our firewall. It works by scanning […]
How to install OSSEC server on Ubuntu
OSSEC is a host-based intrusion detection system (HIDS). It is specially well known for monitoring files that shouldn’t change on a system (such as critical system files, or binaries, etc) and warning administrators (or anyone you’d like) about those issues. But it does more such as rootkit detection and log analysis with a dedicated engine. […]
How to install Suricata on FreeBSD
Suricata is a free, open source, Intrusion Detection System software, or IDS for short. But it can also act as an Intrusion Prevention System, or IPS. It works by finding patterns using heuristics typically from network traffic. When configured to just warn about suspicious activity it is called an IDS, however when it blocks the […]
How to install MariaDB in FreeBSD
MariaDB is a derivative from the world-famous enterprise class MySQL database. The MySQL founder is Michael Widenius, also known as Monty. He created the project, it worked out for some time, it caught Sun’s attention and they bought it. Then Oracle bought Sun and knowing Larry everyone left running without looking what was left behind. […]