I kept finding strange things in my log files and I wanted an automated way of going through them and banning IPs that are trying weird stuff. The answer in this case was fail2ban and the example that I’m covering in this post is looking out for and banning IPs attempting to use my mail server as an open relay. Continue reading “Getting the hang of fail2ban”
I was looking into web application firewalls the other day and I decided I want to use one or more to get the idea of how they work. My hosting provider did not provide mod_security (WAF module for Apache) on their server, nor I did have access to it, so I decided to try something external. Continue reading “How my traffic dropped 10 times and I’m not worried”
E-mail server configuration can be a pain. Spam was and still is a big problem, especially due to its volume, being almost half the size of all e-mail sent globally. Automated services, filters, reputation monitors and blacklists made it harder for spam to get across in people’s inboxes. It also made it harder for e-mail servers to be accepted as “legitimate” – which is good because it raises the quality level and hardens the requirements, but on the other side, it gives debugging issues. Continue reading “E-mail server configuration – through trial and error”
Spam has been and still is a very annoying issue. It’s better managed nowadays by having multiple blacklists of known “spammy” IPs, better email server configurations and more aggressive spam filters. This also raises the requirement levels that legitimate email servers must adhere to.
According to some sources, WordPress powers approximately 18.9% of all known websites. Not sure of the exact specifics and I don’t think it’s relevant to question them, but I think most people agree that a lot of websites are using WordPress. Which makes it a clear target for both mass and targeted online attacks. Given the fact that like with other software or systems, a lot of WordPress installations are poorly managed by their users from a security perspective, especially when it comes to updates and proper credentials, the ease of compromise increases attracting even more attackers. Continue reading “WordPress login attempts – observations and conclusions”
If you want a personal VPN solution that you can host at home or on a VPS, PPTP is the easiest way to do it. Or if you want a VPN test subject, PPTP is also the easiest way to do it. The following will detail how to set up a PPTP server on a Debian (version 7.8) machine. To be understood that choosing PPTP as a VPN doesn’t guarantee a really secure solution , but it can save time and setup issues associated with other alternatives. For a more secure alternative over PPTP, I’d recommend OpenVPN. Continue reading “Setting up and debugging a PPTP server on Debian”
03As mentioned in a previous articles on hosting control panels to use for your VPS , buying a VPS is as affordable as or even cheaper than shared-hosting. This is only when it comes down to money/month or year. Other costs or resources would include time and knowledge to actually setup and maintain your VPS. A great way to start lowering those costs is by having a look at free alternatives to CPanel. Continue reading “7 things I look for at a VPS provider”
We all receive spam email. Everyday. Typically they end up in the “spam” folder and we never even get to see them. I never did really care about them and normally erase as soon as possible. This one got my attention as it ended up in my inbox on of my fictive emails (doesn’t everybody has that?) and I decided to play along to see where is everything going. Continue reading “Email scams – getting money from Industrial and Commercial Bank of China”
Lately I’ve been intrigued by how affordable (or even free) a VPS is nowadays and how (relatively) easy can one host his own website(s). This is determined mostly by ones technical expertise and the tools available at hand. To better manage several websites and everything related to them (DNS,FTP,databases,email and so on) one would use a “hosting control panel”. Tools that hosting providers use to manage customers, customer websites, resellers and tools that are also being made available to end-users to manage their website. The most known in the industry would be CPanel (end-user tool) and WHM (administrative control panel). Their prices can get pretty high and would mostly be suited for companies specializing in web services / hosting.
A “must have” should be placed in relation to the users needs. In my case, my requirements from an email client are not that diverse, but inclined towards security and efficiency. Continue reading “Must have plugins for Thunderbird”