Security

Want to support HowtoForge? Become a subscriber!
 

Chrooting Apache2 With mod_chroot On OpenSUSE 12.2

Chrooting Apache2 With mod_chroot On OpenSUSE 12.2

This guide explains how to set up mod_chroot with Apache2 on an OpenSUSE 12.2 system. With mod_chroot, you can run Apache2 in a secure chroot environment and make your server less vulnerable to break-in attempts that try to exploit vulnerabilities in Apache2 or your installed web applications.

Adding Two-Factor Authentication To OpenVPN AS With The WiKID Strong Authentication Server

Adding Two-Factor Authentication To OpenVPN AS With The WiKID Strong Authentication Server

Pairing WiKID with two-factor authentication and OpenVPN AS is a great cost-effective solution to secure your network for minimal expense. I downloaded the RPM Version of OpenVPN Access Server and dropped the RPM onto a Centos VM. I had previously configured a WiKID two-factor authentication server using our Enterprise ISO. The OpenVPN server configures itself on install and directs you to change the password for the openvpn user and directs you to the Openvpn AS web interface.

Managing Multiple MySQL Servers From One phpMyAdmin Installation (Using SSL Encryption)

Managing Multiple MySQL Servers From One phpMyAdmin Installation (Using SSL Encryption)

This tutorial explains how you can manage multiple MySQL servers from one phpMyAdmin installation. For security reasons, communication between phpMyAdmin and any remote MySQL server is using SSL encryption (this is not necessary for a local MySQL server since communication between phpMyAdmin and MySQL is not leaving the server). phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the World Wide Web. phpMyAdmin supports a wide range of operations with MySQL.

Using Fail2ban To Block Wrong ISPConfig Logins

Using Fail2ban To Block Wrong ISPConfig Logins

In this tutorial, we'll write an ISPConfig plugin to log failed logins to syslog, filter those entries using rsyslogd and add a fail2ban rule to block malicious users' IPs.

Chrooting Apache2 With mod_chroot On Debian Squeeze

Chrooting Apache2 With mod_chroot On Debian Squeeze

This guide explains how to set up mod_chroot with Apache2 on a Debian Squeeze system. With mod_chroot, you can run Apache2 in a secure chroot environment and make your server less vulnerable to break-in attempts that try to exploit vulnerabilities in Apache2 or your installed web applications.

nginx: How To Block Exploits, SQL Injections, File Injections, Spam, User Agents, Etc.

nginx: How To Block Exploits, SQL Injections, File Injections, Spam, User Agents, Etc.

This short article explains how you can block the most common exploits, SQL injections, file injections, spam and user agents used by hackers and bandwidth hoggers from your nginx vhosts with some simple configuration directives. This configuration is far from being complete, but it's a good starting point. You will have to watch your logs for attempted break-in attempts and then try to modify/complete the ruleset.

How To Integrate ClamAV Into PureFTPd For Virus Scanning On Ubuntu 12.04

How To Integrate ClamAV Into PureFTPd For Virus Scanning On Ubuntu 12.04

This tutorial explains how you can integrate ClamAV into PureFTPd for virus scanning on an Ubuntu 12.04 system. In the end, whenever a file gets uploaded through PureFTPd, ClamAV will check the file and delete it if it is malware.

Configure An Email Gateway With Scrollout F1 Anti-Spam & DLP

Configure An Email Gateway With Scrollout F1 Anti-Spam & DLP

An email gateway (a.k.a. firewall) is a machine (physical or virtual) installed between Internet and the email server. Its primary role is to protect the email server by filtering incoming messages, via SMTP protocol, from Internet. Secondary, an email gateway may be used as an outgoing gateway in case you want to add some new email features which are not provided by older email servers. For instance, Exchange 2000 or 2003 has no DKIM signing and verification service – a quality improvement for message delivery. This tutorial shows how to configure an email gateway with the Scrollout F1 email gateway.

Basic configuration covered by video tutorial.

Creating Encrypted FTP Backups With duplicity And duply On Debian Squeeze

Creating Encrypted FTP Backups With duplicity And duply On Debian Squeeze

When you rent a dedicated server nowadays, almost all providers give you FTP backup space for your server on one of the provider's backup systems. This tutorial shows how you can use duplicity and duply to create encrypted (so that nobody with access to the backup server can read sensitive data in your backups) backups on the provider's remote backup server over FTP. duply is a duplicity wrapper script that allows us to use duplicity without interaction (i.e., you do not have to type in any passwords).

ProFTPd: Enabling/Disabling TLS Based On User Or Group

ProFTPd: Enabling/Disabling TLS Based On User Or Group

FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. While this is a good thing, not all FTP clients support TLS. This article explains how to enable or disable TLS in ProFTPd based on the FTP user or group.

first page
previous page
4
...
next page
last page
XML feed
"Facebook" is a registered trademark of Facebook, Inc. All rights reserved.