Archive for the ‘Security’ Category
How to Disable GET, wget, and curl
A great way to add more security to your web server is to disable GET, wget, and Curl which will stop web, and shell users from being able to download files to the server. You can set up a group called get-users so that only users that are a member of this group will be […]
Installing APF Firewall and BFD Brute Force Detection
This is a guide on how to install and configure a firewall on your server. A firewall is one of the most import features of security on a server if NOT the MOST important. First thing we are going to do is install APF (Advanced Policy Firewall) from R-fx Networks. Log-in to the server with […]
SSH Securing Root Disable Root Log-ins
This is a guide on how to add more security to your server by disabling root logins and change the standard port that ssh uses. First thing we need to do is create a a user name that we are going to use that will be our new root login. [root@dev ~]# /usr/sbin/adduser admin -OR- […]
Root Login Notifier Script
I recently decided to write a Root Login Notifier Script this script checks every user that logs in as root or switches user to root against your firewall’s allowed hosts if the IP address of the root user is not in the allowed hosts list it silent sends an email to the address specified in […]