ModSecurity is a Web Application Firewall that protects your website from hacking attacks. It is Open Source and free to use. It can be used with webservers like Apache, Nginx, and IIS. To install ModSecurity with Nginx, we need to compile the ModSecurity Nginx module and activate it in the Nginx configuration file. Install the […]
There are 3 ways to whitelist an IP address in ConfigServer Security & Firewall (csf). Whitelisting an IP address will allow the IP address to access all ports on the server including any closed ports. For example, you can block SSH port 22 on the server. Then add your IP address to the whitelist, now […]
Endlessh is an open source SSH trapit. It send slow random banner string to attacker, wasting their time. Before you install endlessh, you need to change your SSH port to a higher non default port. To do this edit
|
1 |
vi /etc/ssh/sshd_config |
Find
|
1 |
Port 22 |
Replace with
|
1 |
Port YOUR_NEW_PORT_HERE |
If the line is commented with #, uncomment it. Now […]
Due to changes in Apple, Mozilla and Google Root Store Policies, as of September 1, 2020, newly issued SSL/TLS certificates with a validity period greater than 13 months (397 days) are prohibited by policy and will not be trusted. https://www.globalsign.com/en/blog/maximum-ssltls-certificate-validity-now-one-year https://blog.mozilla.org/security/2020/07/09/reducing-tls-certificate-lifespans-to-398-days/ […]
Online Malware Scanner for websites Scan a folder with clamscan maldet https://opentip.kaspersky.com https://sitecheck.sucuri.net Tools https://remnux.org/ Forums http://www.virusinfo.info http://www.rootkit.com http://www.gmer.net Blogs https://www.securelist.com/en/threats/detect?chapter=83 http://www.youtube.com/watch?v=Q5cT3YHKVsY […]
If your web site is hacked and infected by malware, Google Safe Browsing can block your web site with red warning. If this happens, you need to clean your web site. If your web site have lot of files, cleaning become hard as hacker can hide his files in any of these files. Manually verifying […]
Here is few web sites where you can check your SSL certificate is installed properly. https://www.ssllabs.com/ssltest/ https://cryptoreport.websecurity.symantec.com/checker/ https://sslanalyzer.comodoca.com/ See SSL […]
Tripwire is a data integrity tool for monitoring and alerting file and directory changes. https://github.com/Tripwire/tripwire-open-source To install, run
|
1 |
yum install tripwire |
Generate keys Run
|
1 |
tripwire-setup-keyfiles |
This ask you to enter password. Creating Database
|
1 |
tripwire --init |
You need to edit file
|
1 |
vi /etc/tripwire/twpol.txt |
customise it for your system or you may get file/directory not found errors. Checking for changes
|
1 |
tripwire --check |
[…]
ModSecurity is a Web Application Firewall. Protect sites from SQL injection and Application level hacking. Install ModSecurity on Debian Install Nginx ModSecurity on CentOS 7 Disable ModSecurity for a specific URL To install ModSecurity on Ubuntu/Debian with Apache, run
|
1 |
apt install libapache2-mod-security2 -y |
verify Apache module is installed with
|
1 |
apachectl -M | grep security |
Enable config file
|
1 |
mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf |
Update config
|
1 2 |
sed -i "s/SecRuleEngine DetectionOnly/SecRuleEngine On/" /etc/modsecurity/modsecurity.conf sed -i "s/SecResponseBodyAccess On/SecResponseBodyAccess Off/" /etc/modsecurity/modsecurity.conf |
Restart […]
https://www.passbolt.com – Open source password manager. https://www.grc.com/passwords.htm – Online secure password generator. […]