Bypass or Disable error – Server has a weak, ephemeral Diffie-Hellman public key

Sometimes when browser vendors try to help make the world more secure, they actually cause more inconvenience than necessary. Recently both Firefox and Chrome/Chromium stopped supporting weak ephemeral Diffie-Hellman public keys – this was in the hope of mitigating the LogJam attack that surfaced a few months ago. The problem is that many industry standard bits […]


PCI Compliance – Choose your ASV wisely

If you run a website that takes payments from customers then there is a good chance you have come across the term PCI Compliance – PCI being an abbreviation for the Payment Card Industry. I spend a considerable amount of time in my day job dealing with PCI ASVs (Approved Service Vendors) and the reports […]

ModSecurity protection for WordPress WP-Login

OK, I know this is somewhat late to come to the party, but I recently had to implement some rules to protect servers against WordPress wp-login brute force attacks. Although the attacks were somewhat distributed, many clients were sending hundreds of login requests for wp-login.php. Most of the solutions I have seen overlook the fact […]

Run wget from crontab and only receive errors

If you have tried to run wget from a cron job, perhaps to run your WordPress wp-cron.php, then you will have noticed that, whether there is an error or not, you will still receive a notification at the MAILTO= address configured in your crontab. This is because wget annoyingly throws all of its normal output […]

Linux : Modsecurity concurrent log analysis

It’s been a crazy few months with work and family, but following on from the modgrep modsecurity serial log analysis article a few months ago, we’re back with another instalment for modsecurity users who use the concurrent logging format. Anyone who uses modsecurity will know that concurrent logging creates a lot of files and directories. Essentially, […]


How to add USB 3 to a Mac Pro for under 25 quid

USB 3.0 was added to the 2013 Mac Pro. For the rest of us, who are still rocking the older gear, adding a dedicated USB 3.0 card isn’t something Apple want to offer. There are a few dedicated USB 3.0 cards for the Mac Pro, such as HighPoint RocketU 4-Port 1144C at an eye […]

Linux one-liner to detect Symlink Attack on web server

The symlink attack is an old favourite and still very much prevalent. This attack usually occurs after the attacker has been able to read the contents of the /etc/passwd file and has enumerated the server’s users. The attacker then runs a script which blindly builds symbolic links (a bit like shortcuts on Windows or Aliases […]


Install Drush on cPanel shared hosting

Drush is a command line shell and scripting interface for the popular Drupal CMS. To install Drush on almost all shared Linux hosting platforms requires just a few steps at the command prompt. For the purposes of this guide, I’ll assume you already know how to connect to your hosting server using SSH to get […]

Ever kept a password on a Post-it note?

Seven ways to improve small business security

I’ve worked with many small businesses over the years, and it’s probably fair to say that most view I.T. expenditure as a necessary evil. While a growing number of e-commerce businesses take greater care, small business security is often woefully neglected. Small business security statistics The cost of allowing unwelcome guests into your business computers can be […]


Improve Time Machine performance with Big Bands

It may sound like some bizarre fusion between Duke Ellington and H.G. Wells, but, if you use a Time Machine via a NAS, Airport Extreme, or Airport Time Capsule (rather than a directly connected external drive), then you’ve probably experienced painfully slow Time Machine performance after several months of use. Time Machine backups are stored inside […]