Posts Tagged ‘Web Hosting And Web Servers’
Enable 2FA with SSH Connection
If you don’t know, I’m a big fan of two-factor authentication. I often talk about it integrated into your web applications access points, like wp-admin in WordPress and administrator in Joomla, but in this post I’m going to talk about leveraging it with your SSH connections. When configuring your server access points it’s important you…
Read MoreCurious to See a DDOS in Action?
I’ve always wondered what a Distributed Denial of Service (DDOS) really looks like. Fortunately, there is now this pretty awesome video illustration of what it looks like:
Read MoreWordCamp Miami 2013: WordPress Website Security
I’ll be in Miami this weekend, for WordCamp Miami 2013, giving a new, updated talk on Website Security. Come by and say hi if you’re around — If you’re not, no problem, I’ve included my slides below in this post for your reference. My talk is titled Staying of the Website Threats and Becoming One…
Read MoreOSSEC For Website Security: Part I
OSSEC HIDS is my preferred host-based intrusion detection system (HIDS). I have to admit I am a bit partial to it because my good friend Daniel Cid built it and sold it to Trend Micro / Third Brigade back in 2008. I have what many don’t have, that’s the ability to pester Daniel until he…
Read MoreOSSEC Agent to Server Connection Issues
So naturally, as of late, I have found myself doing more than I probably need to on my servers and in the process causing more headaches then required. One of those issues has been with the communication between my agents and the mother-ship (command control) server with my OSSEC installs. For more details information, be…
Read MoreBasic Access Authentication: Protection Against Automation
I wrote an article recently talking to the use of Basic Access Authentication to help harden your administrator panel. I have been monitoring my logs to see how it protects and this is what I found:
Read More