advanced

Site Security Checkup for XYZ Mega Corp
Publish Date: September 9th, 2015 | Posted in Security | Last Updated February 23, 2016 by Code Sport
Site Security Checkup for XYZ Mega Corp Privacy Notice “XYZ Mega Corp” is a B2B software company. Their identity will remain confidential and undisclosed. This anonymized report has been made public since many of the issues discovered impact a most production servers. Security Assessment for XYZ Corp Heads-Up We recommend pushing updates to a staging […]

Securing SSL Against Common Exploits
Publish Date: September 3rd, 2015 | Posted in Security | Last Updated November 29, 2015 by Code Sport
SSL Security Enhancements June 2, 2015: Weak Diffie-Hellman LogJam Fix for Ubuntu 12.04 LTS Run the below commands to patch Apache for the LogJam vulnerability. The latest updates bring ECDH to Ubuntu 12.04 LTS running Apache 2.2.x. Also, the 2048-bit group for Elliptical Curve Diffie-Hellman Encryption (ECDHE) is now supported. $ sudo aptitude update $ […]

Migrating from Ubuntu 12.04 to 14.04 (Apache 2.2 to 2.4)
Publish Date: March 25th, 2015 | Posted in Advanced LAMP Techniques, Ubuntu Linux | Last Updated September 22, 2015 by Code Sport
Overview: Migrating from Apache 2.2 to 2.4 We are starting to migrate our systems from Ubuntu 12.04 LTS to 14.04 LTS. 14.04 was released on April 17, 2014 and includes Apache 2.4 by default. We prefer a “physical” migration to a new VPS slice instead upgrading our existing server. As such, this post highlights the […]

Use IP Tables to Block a Specific or a Range of IP Addreses
Publish Date: February 18th, 2015 | Posted in Advanced LAMP Techniques, Security | Last Updated June 27, 2018 by Code Sport
First, open your IP tables rules file in nano: Next, based on your circumstances add the following to your IP tables rules file above the iptables -A INPUT -j DROP line: Notes and Observations /8, /16, and /24 are known as Classless Inter-Domain Routing (CIDR) notation. It is used to represent IPv4 addresses and their […]

The Ulitmate Guide to File and Directory Permissions on Linux
Publish Date: November 30th, 2014 | Posted in Security | Last Updated May 23, 2016 by Code Sport
Introduction This article is a compilation of Linux file permissions along with related commands and explanations. Content has been compiled from online articles as well as forum posts. Where appropriate, explanations from forum posts and articles (i.e., Rackspace , Redhat, and University of Surrey) are modified to provide better clarity or to correct errors. Finally, […]

Creating SSL Certificates for Multi-Domain V-Hosts
Publish Date: October 30th, 2014 | Posted in Advanced LAMP Techniques, Security | Last Updated March 9, 2016 by Code Sport
How to Install an SSL Certificate on Apache This post tells you how to install SSL certificates on an Apache v-hosts running on Ubuntu 12.04 or higher. It assumes you’re logged in as root. Before we begin, let’s grab an SSL certificate for $9.00 from NameCheap. After You Complete This TutorialTo get the maximum benefit […]

Cloudflare, Hosted DNS & External Site Caching for Speed
Publish Date: February 20th, 2014 | Posted in Security | Last Updated March 8, 2023 by Code Sport
Overview This post discusses how to get the most our of Cloudflare. Cloudflare is a caching service, hosted DNS provider, and a CDN that purports to offer increased website security and speed. Those who have used the free service either hate it or love it. But, regardless of your opinion, there are two issues you […]