userid on apache webserver – a way to tell if you have been compromised?
Colum31 asked: I am running an apache webserver and trying to learn how to manage it. I tried my best to make it secure, and have taken several precautions like …
How to setup fail2ban with ufw to block IPv6?
Gill-Bates asked: Since fail2ban Version 0.10 IPv6 is supported. I used fail2ban in conjunction with ufw. I found that only IPv4 addresses are blocked. This is unfavorable. According to the …
AWS – Unable to access console – Not receiving MFA SMS codes
Tom asked: I am receiving SMS messages from other senders. However, I am not receiving any SMS codes when I try to login to the AWS console and it indicates …
Hide systemd units from non-root users
ygoe asked: I’ve set up a number of custom systemd service units that may contain sensitive data in their environment variables. While it’s not possible for non-root users to systemctl …
Is it insecure to have an ansible user with passwordless sudo?
lonix asked: I’m new to Ansible. Most VPS provisioning guides I’ve seen so far do this: disable root from logging in create a new user who can only log in …
nginx reverse proxy getting HTTP CONNECT commands
Osada Lakmal asked: I have created a ghost VPS on DigitalOcean which has nginx running as a reverse proxy fronting ghost installation. While tailing access logs I saw numerous CONNECT …
Fail2ban without proactive mode
wmarquardt asked: Is there any way to configure Fail2ban to just log suspicious activities without change my firewall rules? My answer: fail2ban includes a dummy banaction which does (almost) nothing. …
Ensuring SSH Idle Connection TimeOut
PerennialN00b asked: In response to ClientAliveInterval and ClientAliveCountMax restrictions server side, a client can choose to send null packets by setting ServerAliveInterval and ServerAliveCountMax values appropriately. How can I still …
Systemd PrivateTmp=true security implications
simlev asked: I monitor the available disk space on Ubuntu servers using Nagios Core, NRPE and check_disk. With previous Ubuntu versions, I used to get an output similar to this: …
Unable to configure xinetd to log vsftpd activity on centos 7
Hosty asked: I am attempting to configure xinetd to log authentication information from vsftpd. I am following this guide: https://wiki.archlinux.org/index.php/Very_Secure_FTP_Daemon#Using_xinetd vsftpd is running and I can successfully initiate a FTP …