Wp-config.php file contains all of the confidential information which WordPress needs to access your database and encrypt cookies. It is therefore essential to properly protect this file. Read more
A little quick article to alert you that an exploit is currently circulating on the Internet. This affects the Linux kernel version which is greater than or equal to 2.6.39. Recent versions... Read more
A new security flaw has been discovered in the IPv6 Neighbor Discovery protocol. It can be planted at a distance, all Windows machines (XP version, Vista, Seven, Server 2003 and 2008) of a n... Read more
Mod_evasive is a module for Apache anti-DoS attack. This is able to detect when a user asks too many pages on a website, on a very short time period. Here’s how to install and configure it f... Read more
Mod_security is a firewall application that presents itself as a module for the Apache Web server. Its role is to detect and protect the server against attacks of all kinds: SQL injection, c... Read more
If you have a server with a world facing ssh server, you’ve probably seen brute force attacks in your logs. Some machine starts hammering your ssh server, trying all sorts of logins (staff,... Read more
The idea is very simple you want to limit who can use sshd based on a list of users. The text file contains a list of users that may not log in (or allowed to log in) using the SSH server. T... Read more
OpenSSH has two directives for allowing and denying ssh user access. Read more
This article explains some basic rules for the administration to apply to secure the best database server. Read more
For years, on security forums and mailing lists, if you ever dared to suggest changing SSH’s default port (TCP 22) the “security by obscurity” crowd would come out of the woodwork and nail y... Read more
