Please enable JavaScript to view this site.
InfoSec Weblog
ModSecurity
ModSecurity is a web application firewall. I'll say up front that caution must be exercised with ModSecurity. Many of the OWASP rules interfere with scripts and break websites. Unless you use it sparingly and judiciously, you're better off without it. (Note: Instead of ModSecurity, the Fail2Ban (cont'd)
* posted by Robert on Sun, Jul 17, 2022
Sysctl.conf for Security and Performance
The /etc/sysctl.conf file is a configuration file that is used to modify kernel parameters in the Linux operating system. See SSLHOW for an explanation.
The sysctl.conf file can be configured to protect (cont'd)
The sysctl.conf file can be configured to protect (cont'd)
* posted by Robert on Sun, Jul 17, 2022
Anti-Spoofing Controls for Email
Anti-spoofing tools are designed to help prevent a spammer/hacker from sending spoofed email, disguised as coming from your website.
Sender Policy Framework (SPF) is a DNS text entry that shows the list of servers allowed to send mail for a (cont'd)
Sender Policy Framework (SPF) is a DNS text entry that shows the list of servers allowed to send mail for a (cont'd)
* posted by Robert on Thu, Jul 14, 2022
Reverse IP Lookup
Some websites have a dedicated IP address, while others share a server and even an IP address with many other sites. There is a facility called a
One such service is (cont'd)
reverse IP lookupthat allows you to discover this information.
One such service is (cont'd)
* posted by Robert on Thu, Jul 14, 2022
Scan Any Website for Viruses
VIRUSTOTAL has an excellent tool designed to
![]()
(cont'd)
Analyze suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community.
* posted by Robert on Tue, Jul 12, 2022
Test Your SSL Configuration
Qualys Labs provides an excellent service for testing your website's SSL configuration. The testing tool is found at https://www.ssllabs.com/ssltest/.
The testing results for WebTracker.one shows the following (cont'd)
The testing results for WebTracker.one shows the following (cont'd)
* posted by Robert on Mon, Jul 11, 2022
HTTP Response Headers
HTTP response headers can protect your website against attack. Here are the response headers that I consider to be the most important.
The Strict-Transport-Security HTTP response header lets a website tell browsers that it should only be (cont'd)
The Strict-Transport-Security HTTP response header lets a website tell browsers that it should only be (cont'd)
* posted by Robert on Sun, Jul 10, 2022
Fail2Ban - Stop Resource Theft
In a previous article, I spoke about using Fail2Ban to ban the IPs of bots abusing your site. In that case, they were generating errors that show in /var/log/apache2/error.log. But what about bots using your resources, and not generating (cont'd)
* posted by Robert on Sat, Jul 09, 2022
Login Protection
You already have a username and password for login.php or php-enabled login.html. What else can you do? You can limit the login script to your IP address. Anyone logging in from an IP address other than yours will get a dead page. Simply add this line of code to your PHP (cont'd)
* posted by Robert on Sun, Jul 03, 2022
Protect Your Website with Fail2Ban
Hackers are always pounding away at the door of your website attempting to break in. A weak password here. Misconfigured code there. An unpatched system, whatever they can find, they will use to force their way in. They may want your site to blast out spam email or to mine crypto (cont'd)
* posted by Robert on Sun, Jul 03, 2022
1 2
