Viewing posts tagged security

Nginx with ModSecurity

In one of my previous notes I wrote about firewalling web applications using NAXSI WAF. In this post I'll write small howto on getting ModSecurity module to work with Nginx webserver.

Firewalling web applications using NAXSI WAF

Any web application can have a security bug, which exploited, may allow the attacker to gain unauthorized access to crucial application components, and, unfortunately, lead to a leakage of a sensitive data. One of the common ways to defend the zero days is to use WAF (Web Application Firewall). In this tutorial I'll put some light on a dedicated Nginx WAF external module called NAXSI (Nginx Anti XSS & SQL Injection), the ModSecurity equivalent for Apachers, by the way...

Fedora 20 on Odroid U2/U3 with encrypted rootfs

Recently I've bought an Odroid U3 peace of hardware, which is fueled by an Exynos-4412 (Quad core) application processor, providing a 2GB LP-DDR2 RAM and, for 3D graphic, Mali-400 GPU.
So, the first thing after U3's arrival, I wanted to install a Linux Fedora 20 on my microSD card, but on LUKS-encrypted LVM with the ability to unlock it remotely via SSH. And here we begin...