Security 11
OSSEC Intrusion Detection Installation On Centos 7
OSSEC (Open Source HIDS SECurity) is an open source host-based intrusion detection system (HIDS). It performs log analysis, integrity scanning, rootkit detection, time-based alerting, and active responses to triggers. You can install it on linux, windows, and mac. It allows for both local installs as well as an agent that can be deployed out to multiple […]
How To Setup SSH Key Authentication
SSH key authentication can be used for password-less login between 2 servers. This is also useful for adding a key to accounts like git or gitlab for version management. Source Server SSH Key Configuration Generate a RSA key for this system by typing the following ssh-keygen -t rsa The key generated will ask for a […]
Block Countries With Nginx and GeoIP
You can use nginx to either allow or deny certain countries from accessing your site using the GeoIP database which maps IP addresses to the origin country. Nginx GeoIP Requirements Nginx Installation – Nginx must already be installed on your server if it is not yet. Please see How to Install Nginx Nginx must also be […]
Nginx Directory Protection
There are a few different ways to protect directories with Nginx. Password protection is typically to keep certain users out or only let certain users in. This is useful in protecting certain content on websites you do not want everyone to be able to access. This guide assumes you already have a running Nginx installation, […]
Blocking Bad UserAgents with ModSecurity and Fail2ban
Many bots crawl websites that do nothing to generate positive traffic for the site. They just use up available resources and bandwidth of the server. You can reduce this drastically by implementing blocking using ModSecurity to detect the bad agents and then fail2ban to block them in iptables for a period of time. This guide […]
SELinux Introduction In CentOS 7
What is SELinux? Security-Enhanced Linux (SELinux) was developed to provide access control for linux. It goes beyond file permissions and ACLs to create a more secure environment by limiting access. It is based on subjects, objects, and actions. A subject is the running command or application(example proftpd), the object is anything that can be accessed […]
FirewallD Introduction On CentOS 7
What is FirewallD? Firewalld was introduced in CentOS 7/ RHEL 7 with both a GUI and command line interface for making changes. It is a alternative for using IPtables. If offers a zone based firewall configuration that allows you to enable different zones with different levels of trust. Different Zone possibilities Zones change be changed, […]
Most Commented