Tag Archives | Security

tuxninja

WHMCS : Passwords removal from welcome emails

WHMCS (Web Host Manager Complete Solution) is a popular customer management and provisioning system for cPanel/WHM – get yourself a dedicated server, install WHMCS and bingo, a hosting company is born (well, almost). It’s fair to say that WHMCS has a few security problems in recent times. This is due in part to WHMCS being […]

Linux Ninja Tux

Chmod explained – Linux file permissions for beginners

If you have spent any time dealing with Linux based web hosting then you will almost certainly had encountered the term chmod. Chmod is a linux command and is an abbreviation of change mode. Chmod explained – Understanding permissions The mode is described by three or four octal (0 to 7) digits e.g. 0000 to […]

Linux Ninja Tux

Linux : ModSecurity log analysis with Modgrep

ModSecurity is a popular open source Web Application Firewall that can be installed with popular web servers including Apache, IIS, and NGINX. Modsecurity log analysis can be configured via sequential or concurrent audit logging. Concurrent logging offer improved performance on extremely busy servers, but it creates a LOT of files and directories, so for simplicity […]

wordpress

WordPress : Password protect wp-admin directory and wp-login.php and why

Hardening WordPress by adding both wp-login.php AND wp-admin password protection is a great way to protect your website from hackers. But isn’t it safe enough if I use a strong password on the standard wp-admin login? Well, yes, from a brute force attempt, but single factor authentication (simple username and password) means that there’s only […]