Allow only Cloudflare IP’s using iptables & ipset
Firstly, apologies for the hiatus. The last few years has been insanely busy for me on a…
Firstly, apologies for the hiatus. The last few years has been insanely busy for me on a…
In this blog I will cover how you can use a Nagios plugin to automatically test your websites SSL security strength on a daily basis, and alert you when it drops below a certain score – thus increasing the likelihood of a security breach.
This blog entry is more of a ‘recipe’ for those who, like me, have to join Linux VMs (Centos 6.x and RHEL 7.x, in this case) to a Windows AD domain. Something I have no bloody idea about, being a Linux guy 🙂 But alas, I figured it out – see below for the how-tos!
Recently i’ve been on a bit of a tear with my infrastructure, moving from Apache to Nginx and migrating to new hardware (I moved from my beloved 25KG Fractal Define XL to a new mATX box that is 25% the size.. i call it ‘wife friendly infrastructure’!).
In my infrastructure of many ridiculous things, I use Opsview to monitor server temperatures (CPU/HDD/RAM), free space on my logical volumes, SMART status, RAID status and a few other things (systemd service status, etc). I then use Splunk Light to parse and display information gathered from logs for my web applications: ownCloud, Opsview, etc and also the logs forwarded from my router which handles port forwarding into the LAN (so i can see all the naughty port scanners..tsk tsk).
One thing I was always curious about was how could I get Splunk to analyse and interpret data generated by the Nagios (c) or Monitoring Plugins ran by software such as Opsview, Nagios, Icinga 2, or pretty much any monitoring tool out there.
So I recently became beyond-the-point of fed up with Apache2, it is slow and clunky and has been doing a shitty job recently of hosting my 7-8 virtualhosts (4 of which are SSL-enabled), so I thought i’d move them over to Nginx. Simple right? You’d think so, but…
Some of the directives in Apache dont map very nicely to Nginx, but there is a lot to love about Nginx (namely, its a LOT faster!). This guide is to show you how to migrate the trickier parts of your Apache configs to Nginx.
In this guide, I will show you how to configure your ownCloud server so that brute force attacks are one less thing to worry about. Not only will fail2ban block someone from having X number of failed login attempts to your ownCloud server, it will also notify you via pushbullet that an attempt has been blocked.
So lets begin!
This guide will show you a very quick and dirty way to use Fail2ban to prevent brute-force attacks on your Opsview Monitor 5.0 server. This should work the same for Opsview 4.x servers, but I havent tested it.
Fail2ban, for those who arent familiar, is “an intrusion prevention framework written in the Python programming language. It works by reading SSH, ProFTP, Apache logs etc.. and uses iptables profiles to block brute-force attempts.” (src: https://help.ubuntu.com/community/Fail2ban).
This blog will cover how to have 2 SSL (HTTPS) websites configured and running smoothly on the same Apache2 web server (which aint easy!).
This is a short and sweet guide, however its something that needs to be documented as it is extremely fiddly!
At home I have a few KVM-based virtual machines, and quite a few Docker containers running using internal networks that (by design) only the server and themselves can access.
This is all well and good and secure, however its a bit of a pain in the ass when you want to test things or even worse use them (without a plethora of routes, or having to NAT the hell out of everything…).