Host sg*
“OpenSSH: ssh disable warning messages”Continue reading
Month: December 2014
mod_security2: In .htaccess file?
ust to update this question for mod_security 2.7.0+ – they turned off the ability to mitigate modsec via htaccess unless you compile it with the –enable-htaccess-config flag. Most hosts do not use this compiler option since it allows too lax security. Instead, vhosts in httpd.conf are your go-to option for controlling modsec.
“mod_security2: In .htaccess file?”Continue reading
CSF: csf.allow – GOOGLE IP range
list of rules:
# ——————————————
# GOOGLE
# v 20170224-0002
Include /etc/csf/csf.allow-google
# ——————————————
“CSF: csf.allow – GOOGLE IP range”Continue reading
SSL/Apache/Nginx: Enabling Perfect Forward Secrecy
How to Configure Apache for Forward Secrecy
Add the following lines to your configuration:
-
SSLProtocol all -SSLv2 -SSLv3
“SSL/Apache/Nginx: Enabling Perfect Forward Secrecy”Continue reading
mod_security2: grep log in cmdline
List of examples:
“mod_security2: grep log in cmdline”Continue reading