A colleague of mine pointed me out to Lynis, a system’s configuration audit tool which checks the hardening of any running UNIX or UNIX-like system, including the BSDs. This tool has a built in check list and a set of sane and safe configurations and compares them to the target system. As output we find several topics, from system discovery to suggestions for some … [Read more...]
How to harden Apache HTTP
Disclaimer: This is a long article. I haven’t collected some nice configuration settings here for the sake of it. There are other hardening guides but some fall short on explaining the functionalities to be enabled or disabled. Every step is shortly, and hopefully clearly, explained so any reader can grasp the main idea of every setting. Following the recommendations in here … [Read more...]
How to find vulnerabilities in your WordPress with WPScan
Vulnerability scanners are useful tools for administrators and security analysts alike. For the casual Wordpress user tools like WPScan may look excessive and complicated for their knowledge, they just need their blog, web page, whatever they’re doing up and running. Any complex administration bothers them to the max, and there are good and valid reasons for that. This is why … [Read more...]
How to install WPScan on FreeBSD
Vulnerability scanners are useful tools to find issues on systems, networks and the like. WPScan is dedicated to find vulnerabilities on Wordpress installations. A short tutorial as an introduction to the tool has been published here. So if you are interested on the tool and on FreeBSD, let’s dig on this how to install WPScan on FreeBSD. If you find the articles in … [Read more...]
How to mitigate DoS attacks with mod_evasive on FreeBSD
Denial of Service attacks or the distributed version of them (DDoS) have been growing throughout the years with their ups and downs. In my view the only thing that will happen to them is even bigger growth. With the advent of IoT devices the next decade will see an increase in these kind of attacks. Among the things users and administrators can do to prevent them is staying … [Read more...]