Skip to main content
  • Let’s Encrypt Tutorial

    Publish Date: March 7th, 2016 | Posted in Advanced LAMP Techniques, Security | Last Updated

    1. Install Let’s Encrypt Let’s Encrypt is a command line python application (a client) capable of generating, validating, renewing, and revoking TLS certificates. Full documentation is available on ReadTheDocs. Versions and Server EnvironmentThis tutorial was tested on Apache 2.4.7 running on Ubuntu 14.04. Instructions on deploying on Apache >= 2.4.8 are included below Update and […]

  • Site Security Check-up for ABC-J Corp

    Publish Date: September 28th, 2015 | Posted in Security | Last Updated

    Overview Privacy and Confidentiality Notice “ABC-J Corp” is a B2B and B2C security company. The company’s name and identity shall remain confidential and undisclosed. They have been notified of these vulnerabilities. Since you’re a security firm it is recommended that you use an extended validation SSL certificate. Like our friends at XYZ Mega Corp, you’re […]

  • Site Security Checkup for XYZ Mega Corp

    Publish Date: September 9th, 2015 | Posted in Security | Last Updated

    Site Security Checkup for XYZ Mega Corp Privacy Notice “XYZ Mega Corp” is a B2B software company. Their identity will remain confidential and undisclosed. This anonymized report has been made public since many of the issues discovered impact a most production servers. Security Assessment for XYZ Corp Heads-Up We recommend pushing updates to a staging […]

  • Security 101: The 5 Pillars

    Publish Date: September 8th, 2015 | Posted in Security | Last Updated

    Five Pillars of Information Security and Information Assurance The below list is often referred to as the five pillars of information security. However, many these tenets also apply to physical security as well. In colloquial terms these tenets or pillars of security define. The terms “data, asset, resource, and system” are often used here interchangeably […]

  • Securing SSL Against Common Exploits

    Publish Date: September 3rd, 2015 | Posted in Security | Last Updated

    SSL Security Enhancements June 2, 2015: Weak Diffie-Hellman LogJam Fix for Ubuntu 12.04 LTS Run the below commands to patch Apache for the LogJam vulnerability. The latest updates bring ECDH to Ubuntu 12.04 LTS running Apache 2.2.x. Also, the 2048-bit group for Elliptical Curve Diffie-Hellman Encryption (ECDHE) is now supported. $ sudo aptitude update $ […]

  • The Ulitmate Guide to File and Directory Permissions on Linux

    Publish Date: November 30th, 2014 | Posted in Security | Last Updated

    Introduction This article is a compilation of Linux file permissions along with related commands and explanations. Content has been compiled from online articles as well as forum posts. Where appropriate, explanations from forum posts and articles (i.e., Rackspace , Redhat, and University of Surrey) are modified to provide better clarity or to correct errors. Finally, […]

  • Cloudflare, Hosted DNS & External Site Caching for Speed

    Publish Date: February 20th, 2014 | Posted in Security | Last Updated

    Overview This post discusses how to get the most our of Cloudflare. Cloudflare is a caching service, hosted DNS provider, and a CDN that purports to offer increased website security and speed. Those who have used the free service either hate it or love it. But, regardless of your opinion, there are two issues you […]