Viewing posts for the category Security

Nginx with ModSecurity

In one of my previous notes I wrote about firewalling web applications using NAXSI WAF. In this post I'll write small howto on getting ModSecurity module to work with Nginx webserver.

Detecting malware in Linux shared environments

It is very common these days, when a vulnerable website gets exploited and used for malicious activities by attackers. Especially when having a "shared hosting" environment you may get used to discovering a new kind of malware on a daily basis. Here I'm going to present one of these tools, which is worth using in that malware hunting.

Firewalling web applications using NAXSI WAF

Any web application can have a security bug, which exploited, may allow the attacker to gain unauthorized access to crucial application components, and, unfortunately, lead to a leakage of a sensitive data. One of the common ways to defend the zero days is to use WAF (Web Application Firewall). In this tutorial I'll put some light on a dedicated Nginx WAF external module called NAXSI (Nginx Anti XSS & SQL Injection), the ModSecurity equivalent for Apachers, by the way...

Automate installation of security updates on Centos/RHEL 7 using Ansible and yum-cron.

Installation of security updates is essential. When using Centos/RHEL 7 based linux distribution you can easily automate this process using yum-cron tool, and if you need to deploy it on multiple remote hosts do not hesitate to use Ansible...;-)

Introduction to unprivileged containers (external)

Recently, while dealing with LXCs, I've found a nice blog entry related to the unprivileged LXC containers, which is a new feature in the LXC v1.0.