All posts tagged security

How to Create a Site to Host VPN on Ubuntu for AWS, Azure and Linode with pfsense


This tutorial will guide you through setting up a VPN from your pfsense firewall router, to your Ubuntu server hosted in the cloud.  Many of these vendors have the capability to setup a site to site VPN through the control panels, but this tutorial doesn’t require anything except for an external IP address on your Linux box.
Continue reading →

How to Create a Websense Content Gateway (WCG) on CentOS


When you implement a Websense proxy solution and you don’t guy one of their appliance then you have to setup the proxy components yourself.  This can be fairly easily done on a CentOS install running on VMWare or Hyper-V.  This how to will walk you through getting a Websense Content Gateway (otherwise known as a WCG) with version 8.0.1 on an appropriate virtual host.

Continue reading →

IPSec VPN Host to Host on Windows 2012 R2 and Ubuntu 14.04


After one of my recent tutorials about a host to host Linux VPN this post is a how to create a host to host VPN between Windows 2012 and Ubuntu 14.04.  We’ll be using the inbuilt Windows Firewall with Advanced Security and Strongswan.

A lot like my last tutorial I couldn’t find any decent information out there how to get an IPSec connection between Microsoft and Linux, but since IPSec is an open standard I was confident it should work. After spending a lot of time working through how to do this I decided to write this post to hopefully help other people out in the same situation.

Continue reading →

Securing WordPress from Brute Force Attacks by Country Blocking on Nginx


After having looked after a number of WordPress websites over the last 7 years or so it has become apparent that the number of brute force attacks specifically targeting WordPress is increasing. I know it isn’t a matter of if one of these attacks succeeded but when. This tutorial won’t completely get rid of all brute force attacks, but it should reduce them quite a lot.

As a totally unscientific observation I was going from around 10,000 attempted logons a day, to only a couple of dozens actually getting as far as authenticating.  All this without inconveniencing either myself or my customers!

Continue reading →

Blocking Countries on Nginx without the GeoIP Module


Sometimes blocking entire swathes of the world is the way to go if you truly want a defense in depth approach on your web apps, for instance do your administrators truly need to log on from every country on Earth? As website administrators we get a feel for where our legitimate traffic is coming from and where we see nefarious connections from.

Continue reading →