Stay Ahead With Linux Security HOWTOs
How to Secure My Network
access control Linux administration
access control Linux administration Most SSH hardening advice ends at the same recommendation: Disable password authentication and use SSH keys. . That's good advice. It removes entire classes of attacks, including password spraying, credential stuffing, and brute-force attempts against exposed servers. The problem is what happens next. Many administrators treat SSH keys as the finish line when they are really the beginning of the hardening process. Attackers rarely care whether they obtained access with a password or a private...
Jun 05, 2026
How to Secure My Networksecurity advisory remote access
security advisory remote access Most of the time, nobody notices. SSH authentication succeeds, no alerts are generated, and the connection looks exactly the way it did the day the key was installed. That's part of the problem. . When security teams investigate unauthorized access on Linux systems, they often focus on passwords, exposed services, or vulnerable software. Trusted access receives less attention. Yet a single forgotten or unauthorized SSH key can provide the same access as a legitimate user while attracting very...
Jun 03, 2026
How to Secure My Networkintrusion detection application security
intrusion detection application security The wrong IPS rule can look like a security fix right up until it becomes an outage. . On Linux systems, detection and prevention are often discussed together, but they do not carry the same operational risk. One tells admins that something suspicious happened. The other can decide whether traffic is allowed to continue. That is why IDS vs IPS is not just a definition to memorize. It is a deployment decision about where to monitor, where to block, and how much confidence a team needs before...
Jun 01, 2026
How to Secure My Networkunauthorized access security techniques
unauthorized access security techniques Exposed SSH servers are continuously hammered by brute-force attacks, password spraying, credential stuffing, and recycled passwords from infostealer dumps. Attackers rotate usernames, test weak credentials, and probe for anything that gives them initial access. The logs usually look messy long before the compromise happens. . The difficult part is separating harmless failures from actual intrusion activity. One failed login from an internal workstation rarely matters. Repeated failures...
May 28, 2026
How to Secure My Networksecurity advisory incident response
security advisory incident response The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available. One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators still need to review. Attackers also do not usually stay on one system for long once access is established. Early response is mostly about preserving visibility. Collect process information. Save network connections. Limit access carefully before...
May 28, 2026
Refine HOWTOs
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security HOWTOs
We found 5 articles for you...
163
apacheintegrationubuntuSetting Up ModSecurity 2 and OWASP CRS with Apache on Ubuntu 22.04 or 20.04
For those seeking to bolster their server’s defenses against web-based threats, understanding “How to Install Modsecurity 2 with Apache on Ubuntu 22.04 Jammy Jellyfish or its older stable release Ubuntu 20.04 Focal Fossa” is paramount. ModSecurity, a leading open-source web application firewall (WAF), seamlessly integrates with the Apache HTTP Server. . It offers real-time surveillance, logging, and access control, ensuring your web applications remain impervious to prevalent vulnerabilities. A significant component of its protective arsenal is the OWASP Core Rule Set (CRS), a meticulously curated set of rules by the Open Web Application Security Project (OWASP). This rule set is designed to counteract attacks, including SQL injection, cross-site scripting (XSS), and other notable OWASP Top Ten threats. Key Attributes of ModSecurity and the OWASP Core Rule Set : Real-time Surveillance : ModSecurity continuously monitors HTTP traffic, promptly identifying and neutralizing malicious requests. Detailed Logging : With its comprehensive logging and auditing capabilities, ModSecurity provides insights into security breaches and attack methodologies. Rule Flexibility : ModSecurity’s adaptability shines through its capacity to customize and modify rules, aligning with specific security needs. Anomaly Scoring System : The OWASP CRS adopts a scoring approach, assigning values to requests based on the gravity of detected threats, ensuring precise security configurations, and minimizing false alerts. This guide will elucidate the steps to integrate ModSecurity with Apache and deploy the OWASP Core Rule Set on Ubuntu platforms. By adhering to this guide, you’ll be poised to fortify your web applications against a spectrum of cyber threats. . Fortify your server's protection by implementing ModSecurity along with OWASP Core Rule Set on Ubuntu for superior web application safeguarding.. ModSecurity, Apache Configuration, Web Security, OWASPRules, Cyber Threats. . Brittany Day
Sep 29, 2023
•
How to Secure My Webserver
163
access controlapacheconfigurationConfiguring SELinux for Apache Web Server on RHEL-Based Systems
SELinux can make it a challenge to get newly installed or custom applications to run because it blocks them from having access to certain directories in the file system hierarchy. Instead of disabling SELinux, the better option is to configure the security system so applications and services can function as expected. This is especially important when you have an application or service that requires a nonstandard configuration. . Take, for example, the Apache web server. Apache on RHEL-based distributions defaults to the /var/httpd directory as the document root and ports 80 (for HTTP) and 443 (for HTTPS ) when installed. Admins who want to use a different directory and port for a website might opt for /srv as the document root and port 8080. Out of the box, SELinux denies those nonstandard options, so they must be configured to work properly. . Follow key steps to configure SELinux for Apache, ensuring it operates securely while adapting policies to meet application needs effectively. SELinux Configuration, Application Access Control, RHEL Security. . Brittany Day
Aug 11, 2023
•
How to Secure My Webserver
163
apachehardeningsecurity techniques20 Crucial Methods To Fortify Your Apache Configuration Security
Here are 20 things you can do to make your apache configuration more secure.. . Here are 20 things you can do to make your apache configuration more secure.. things, apache, configuration, secure. . Anthony Pell
Jun 16, 2006
•
How to Secure My Webserver
163
apacheconfigurationweb serverComprehensive Guide to SSL/TLS Configuration for Apache 2.0
This article begins a series of three articles dedicated to configuring Apache 2.0 with SSL/TLS support in order to ensure maximum security and optimal performance of the SSL communication. This article, part one, introduces key aspects of SSL/TLS an. . Explore the configuration of SSL/TLS for Apache 2.0 to bolster protection and optimize data exchange efficiency.. Apache Configuration, SSL Setup, Web Server Security. . Anthony Pell
Jan 19, 2005
•
How to Secure My Webserver
163
apacheopen-sourcesoftware developmentApache Software Foundation: Community Support For Open Source Initiatives
The Apache Software Foundation provides support for the Apache community of open-source software projects.. . The Apache Software Foundation provides support for the Apache community of open-source software pro. apache, software, foundation, provides, support, community, open-source. . Anthony Pell
Jan 10, 2005
•
How to Secure My Webserver
163
apacheweb serverbest practicesCrucial Security Strategies to Safeguard Your Apache Web Servers
Some hints and tips on security issues in setting up a web server. Some of the suggestions will be general, others specific to Apache.. . Some hints and tips on security issues in setting up a web server. Some of the suggestions will be g. hints, security, setting, server, suggestions. . Anthony Pell
Jan 10, 2005
•
How to Secure My Webserver
162
encryptionapachemod_sslStrong SSL/TLS Cryptography for Apache 1.3 Using OpenSSL
This module provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols by the help of the Open Source SSL/TLS toolkit OpenSSL, which is based on SSLeay from Eric. The link for this article located at mod_ssl is no longer available. . The link for this article located at mod_ssl is no longer available.. module, provides, strong, cryptography, apache, webserver, secure, sockets, layer. . Anthony Pell
Nov 29, 2004
•
How to Strengthen My Privacy
163
apacheopen sourceconfigurationEssential Configuration Steps for Securing Apache Web Server
This documentation will discuss the certain configuration steps that are needed to ensure the Web server's security.. . Enhance your Apache server's security and performance with crucial steps like updating, access restrictions, disabling listings, using firewalls, and SSL/TLS. Apache Security, Web Server Configuration, Security Steps. . Anthony Pell
Nov 29, 2004
•
How to Secure My Webserver
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More