How to secure my webserver
Find the HOWTO or step-by-step guide that you need right here.
This article is the first of two on cryptography basics using OpenSSL, a production-grade library and toolkit popular on Linux and other systems. (To install the most recent version of OpenSSL, see here.) OpenSSL utilities are available at the command line, and programs can call functions from the OpenSSL libraries. The sample program for this article is in C, the source language for the OpenSSL libraries.
When thinking about IT security, one area that may not readily come to mind is the physical security of an enterprise’s servers. It’s often thought that because the servers are behind lock and key and/or in a data center, and because the data is in continuous use, encrypting the server drives isn’t needed since the data is never at-rest.
By design, Ansible expresses the desired state of a machine to ensure that the content of an Ansible playbook or role is deployed to the targeted machines. But what if you need to make sure all the infrastructure changes are in Ansible? Or verify the state of a server at any time?
I think it’s safe to say that the need to frequently update the packages on our machines has been firmly drilled into us. To ensure the use of the latest features and also keep security bugs to a minimum, skilled engineers and even desktop users are well-versed in the need to update their software.
Welcome back to this three-part journey to getting OpenLDAP up and running so that you can authenticate your Linux desktop machines to the LDAP server. In part one, we installed OpenLDAP on Ubuntu Server 18.04 and added our first LDAP entries to the directory tree via the Command Line Interface (CLI).
Back in the bad old days, setting up basic HTTPS with a certificate authority cost as much as several hundred dollars per year, and the process was difficult and error-prone to set up. Now we have Let's Encrypt for free, and the whole thing takes just a few minutes.
VNC stands for Virtual Network Computing. It is remote control software which allows you to view and fully interact with one computer desktop using a VNC viewer on another computer desktop anywhere on the LAN or Internet. There are many facets of ensuring your VNC is secure and this article shows you how to do it with a Linux (OpenSuse 10.3) server. This is a great step-by-step way to establish a quick secure way to access remote desktops with SSH.
Fork bombing attacks, like other dangers, can wreak havoc on a system if you aren't careful. Every angle that isn't covered could in fact be the most vulnerable resource to a potential cracker. Here you get a quick overview on what needs to be done to make the most of your protection: Limiting user processes is important for running a stable system. To limit user processes, just add a user name, a group, or all users to the /etc/security/limits.conf file and impose process limitations.
If you need to set up secure website connections, this HOWTO is what you need. It's focused on Debian but will help no matter what distribution you may be using. This how-to is Debian specific but could be ported to other distributions since the concept is the same. In order to use TLS Extensions we have to patch and recompile apache2 and recompile OpenSSL with the enable-tlsext directive. If you are going to use this HOWTO, you may want to check out their "Perfect Debian" HOWTO as well.
Here, Peter Bieringer at The Linux Documentation Project goes over keeping remote access desktops secure with IPv6. Constantly updated, this is a great resource to keep in your bookmarks, as it is one of the most comprehensive HOWTOs you can find. Highly recommended for anyone looking to understand the in-depth world of IP.
Jeffery Douglas Waddell, from the Linux Documentation Project, provides us with a comprehensive look at securing your booting stage with VPN capabilities. As he states in the beginning: For several years now, users at the Institution where I currently work part-time have expressed a need for a robust and secure connection to the internal network. The internal network actually has some clients that are on private networks and some clients that are Internet-routeable. Read on to learn how to connect quickly and securely.
Always a great and useful place for walk-throughs, HOWTOs and more, How-to-Forge has yet another quality overview on setting up your platform. This time, it
This article is excerpted from The Official Ubuntu Book by Benjamin Mako Hill, Jono Bacon, Corey Burger, Jonathan Jesse and Ivan Krstic, copyright Prentice Hall. Reprinted with permission of Prentice Hall, all rights reserved.
This whitepaper lists the more useful PHP validation tools and explains how you can use them to increase the overall security of your Web applications.
Here are 20 things you can do to make your Apache configuration more secure.
This article begins a series of three articles dedicated to configuring Apache 2.0 with SSL/TLS support in order to ensure maximum security and optimal performance of the SSL communication. This article, part one, introduces key aspects of SSL/TLS an
The Apache Software Foundation provides support for the Apache community of open-source software projects.
Some hints and tips on security issues in setting up a web server. Some of the suggestions will be general, others specific to Apache.
This document is an introduction to Transaction Signatures. This article concentrates on BIND, the de-facto standard implementation of DNS.
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.