A colleague of mine pointed me out to Lynis, a system’s configuration audit tool which checks the hardening of any running UNIX or UNIX-like system, including the BSDs. This tool has a built in check list and a set of sane and safe configurations and compares them to the target system. As output we find several topics, from system discovery to suggestions for some … [Read more...]
How to harden Apache HTTP
Disclaimer: This is a long article. I haven’t collected some nice configuration settings here for the sake of it. There are other hardening guides but some fall short on explaining the functionalities to be enabled or disabled. Every step is shortly, and hopefully clearly, explained so any reader can grasp the main idea of every setting. Following the recommendations in here … [Read more...]
How to find vulnerabilities in your WordPress with WPScan
Vulnerability scanners are useful tools for administrators and security analysts alike. For the casual Wordpress user tools like WPScan may look excessive and complicated for their knowledge, they just need their blog, web page, whatever they’re doing up and running. Any complex administration bothers them to the max, and there are good and valid reasons for that. This is why … [Read more...]
How to install Docker on Ubuntu 18.04
Operating System level virtualization is hitting hard now, as much as VM’s did just a few years ago. Docker is the popular framework for this matter, the new kid on the block so to speak. This is the hot spot now and if anyone wants to appear knowledgeable about system administration knowing this technology is the mandatory new subject to deal with. However is this technology … [Read more...]
How to use Fail2ban with WordPress
In a previous article we did an install of Fail2ban on a FreeBSD server. This tool can help us to protect our Wordpress install, independatly from if we are using the FAMP stack or the LAMP stack. As I mentioned on that article Fail2ban is a complementary tool to our firewall. It works by scanning log files and banning IPs suspicious activity reflected on those very logs. If … [Read more...]