Web Development, Networking, Security, SEO
Computer security, hacking ethics, prevention & protection countermeasures and best practices against viruses, malwares, ransomwares, DDoS attacks & more.
We already talked a number of times of Nginx, allegedly one of the best web server, load balancers and HTTP accelerators out there these days. Among its most useful, but …
NGINX Rate Limiting: how to protect your web site from HTTP request flood, DoS and brute-force attacks Read More
Everyone who wants to make his WordPress web site more secure should definitely spend at least one hour of his life reading the Hardening WordPress chapter of the WP official …
How to automatically set File System Permissions for a WordPress Web Server with a BASH Script Read More
In this previous post we explained how to install and configure a FTP server in Linux CentOS 7 using the popular VSFTPD open-source package. As we have clarified there, the File …
How to secure VSFTPD FTP Server using a self-signed SSL/TLS certificate in CentOS 7 - FTPS Read More
We already explained the basics about HTTP Security Headers in this previous post: it's now time to put these concepts into action and implement them within our Apache-based web site …
Apache - How to setup the httpd.conf file to send HTTP Security Headers with your web site (and score an A on securityheaders.io) How to setup the httpd.conf to secure all your Apache-hosted websites with the required HTTP Security Headers and get A rate from securityheaders.io scan. Read More We already explained the basics about HTTP Security Headers in this previous post: it's now time to put all these words into action and learn how we can implement them …
IIS - How to setup the web.config file to send HTTP Security Headers with your web site (and score an A on securityheaders.io) How to tweak your web application's web.config file to secure your Windows + IIS hosted website with the required HTTP Security Headers and get A rate from securityheaders.io scan. Read More
Did you ever heard the statement "a fish rots from the head down"? This phrase is often used to blame the leadership for the failure of an organization, but it …
What are HTTP Security Headers and how to properly implement them in IIS, Apache and Nginx to secure your web site Read More
In this second post dedicated to System Administrators who have to deal with a Risk Assessment, Security Assessment, Due Diligence or Compliance Questionnaire: if you lost the first one, you can read …
Enable, Disable or Change Password Complexity and Password Minimum Length settings in Windows Server 2012 Read More
If you're a System Administrator and you had to perform a Risk Assessment, Security Assessment, Due Diligence or Compliance Questionnaire at least once, you most likely know that in order to …
Remote Desktop Session Time Limit - How to set idle Timeout in Windows Server 2012 Read More
If you're looking for a decent password strength control implementation for ASP.NET C# you could find this class I made a while ago useful enough. After all these years I'm …
PasswordCheck - A small C# class to calculate password strength and implement custom password policies in ASP.NET Read More
If you've stumbled upon this post, you most likely experienced one of the nasty new MS Outlook security features shipped with the june 2017 security update, which blocks file attachments …
MS Outlook blocked access to potentially unsafe attachments - How to fix it Read More