Ryadel

How to create a self-signed TLS SSL certificate for Apache or NGINX to accept HTTPS requests on port 443 A handy guide explaining how to create a self-signed SSL certificate for your NGINX or Apache web site with Linux CentOS 7.x to accept HTTPS requests on port 443

December 17, 2017June 18, 2019 - by Ryan - Leave a Comment

In this article we'll show you how to create a self-signed TLS/SSL certificate and configure it in Apache or Nginx web server to allow secure, encrypted connections. This tutorial will …

Cyber Security / Servers & Services / Web

NGINX Rate Limiting: how to protect your web site from HTTP request flood, DoS and brute-force attacks

December 17, 2017November 5, 2018 - by Ryan - Leave a Comment

We already talked a number of times of Nginx, allegedly one of the best web server, load balancers and HTTP accelerators out there these days. Among its most useful, but …

Coding / Cyber Security / Servers & Services / Web

How to automatically set File System Permissions for a WordPress Web Server with a BASH Script

December 17, 2017December 17, 2017 - by Ryan - 5 Comments.

Everyone who wants to make his WordPress web site more secure should definitely spend at least one hour of his life reading the Hardening WordPress chapter of the WP official …

Cyber Security / Servers & Services / Web

How to secure VSFTPD FTP Server using a self-signed SSL/TLS certificate in CentOS 7 - FTPS

December 16, 2017December 17, 2017 - by Ryan - 2 Comments.

In this previous post we explained how to install and configure a FTP server in Linux CentOS 7 using the popular VSFTPD open-source package. As we have clarified there, the File …

IIS - How to setup the web.config file to send HTTP Security Headers with your web site (and score an A on securityheaders.io)

Cyber Security / Servers & Services / Web

Apache - How to setup the httpd.conf file to send HTTP Security Headers with your web site (and score an A on securityheaders.io) How to setup the httpd.conf to secure all your Apache-hosted websites with the required HTTP Security Headers and get A rate from securityheaders.io scan.

November 22, 2017March 17, 2019 - by Ryan - 8 Comments.

We already explained the basics about HTTP Security Headers in this previous post: it's now time to put these concepts into action and implement them within our Apache-based web site …

Cyber Security / Servers & Services / Web

IIS - How to setup the web.config file to send HTTP Security Headers with your web site (and score an A on securityheaders.io) How to tweak your web application's web.config file to secure your Windows + IIS hosted website with the required HTTP Security Headers and get A rate from securityheaders.io scan.

November 22, 2017March 17, 2019 - by Ryan - 7 Comments.

We already explained the basics about HTTP Security Headers in this previous post: it's now time to put all these words into action and learn how we can implement them …

Cyber Security / Servers & Services / Web

What are HTTP Security Headers and how to properly implement them in IIS, Apache and Nginx to secure your web site

November 22, 2017November 5, 2018 - by Ryan - 3 Comments.

Did you ever heard the statement "a fish rots from the head down"? This phrase is often used to blame the leadership for the failure of an organization, but it …

Cyber Security / Operating Systems / Windows

Enable, Disable or Change Password Complexity and Password Minimum Length settings in Windows Server 2012

November 8, 2017December 22, 2018 - by Ryan - 2 Comments.

In this second post dedicated to System Administrators who have to deal with a Risk Assessment, Security Assessment, Due Diligence or Compliance Questionnaire: if you lost the first one, you can read …

Cyber Security / Operating Systems / Windows

Remote Desktop Session Time Limit - How to set idle Timeout in Windows Server 2012

November 8, 2017July 19, 2019 - by Ryan - 6 Comments.

If you're a System Administrator and you had to perform a Risk Assessment, Security Assessment, Due Diligence or Compliance Questionnaire at least once, you most likely know that in order to …

ASP.NET / C# / Coding / Cyber Security

PasswordCheck - A small C# class to calculate password strength and implement custom password policies in ASP.NET

July 17, 2017January 8, 2020 - by Ryan - 6 Comments.

If you're looking for a decent password strength control implementation for ASP.NET C# you could find this class I made a while ago useful enough. After all these years I'm …