Linux server security is of critical importance to sysadmins. One central part of keeping Linux servers secure is by installing security updates promptly. Too often, there are compromised servers on the internet due to pending security updates waiting for a manual update. On both Ubuntu and Debian, the unattended-upgrades package can be configured to perform […]
Enable Automatic Updates – Fedora/Red Hat + Bonus Tip
Linux server security is crucial to Linux server administration. Part of keeping Linux servers secure is installing security updates shortly after they become available. Too often, compromised servers are a result of pending security updates awaiting manual installation. In general, for critical servers where you cannot afford unplanned downtime should be very careful with automatic updates. While there are […]
Ransomware: Implementing a “No Concessions” Ransomware Policy
Ransomware has emerged as a particularly relentless and disruptive force against organizations worldwide. The debate over whether to adopt a “no concessions” policy—refusing to pay ransoms to cybercriminals—mirrors long-standing discussions in counter-terrorism and hostage situations. This article aims to explore the various facets of this debate, considering ethical, legal, and strategic dimensions, and evaluating the […]
G-Core Labs CDN Review
G-Core Labs has its cloud and edge solutions ecosystem where Content Delivery Network (CDN) initially have had an important role. Unlike other providers, the company offers all the benefits of deep integration between CDN and Cloud, Storage, DDoS Protection, Web Application Firewall (WAF) and other cloud services at affordable rates. With it, G-Core Labs CDN […]
dnf error: cannot find the libbrotlidec.so.1 library (cPanel/WHM CentOS 7 to AlmaLinux 8)
Upgrading from CentOS 7 to AlmaLinux 8 is a significant step towards ensuring that your systems remain secure, supported, and up-to-date with the latest features and security patches. AlmaLinux 8, as a community-driven replacement for CentOS, offers a robust and reliable platform that is binary compatible with RHEL 8. This transition, however, can sometimes present […]
Improving OpenVPN performance and throughput
OpenVPN, WireGuard, L2TP/IPSec, SSTP, IKEv2, PPTP, or others. If you had the luxury of choosing, which VPN protocols would you use? Therein lies my problem. In my current use case, I must find a way to improve OpenVPN performance and throughput. You may have been following my Linux home lab build. One of the most […]
How to Integrate Cloudflare with CSF Firewall
April 11th 2024 update: This article has evolved from “Replacing Cloudflare with CSF Firewall” to, “How to Integrate Cloudflare with CSF Firewall”. Leveraging CSF for Enhanced Security on Cloudflare-enabled Websites Over time, web infrastructure evolves, necessitating updates in our security and performance strategies. Notably, Bunny CDN served as a comprehensive caching solution for my blog […]
Generating Secure Passwords for your Linux Server
Update: March 4th 2024: While the guidance below – originally provided in 2013 – emphasizes the creation and management of secure passwords, more than a decade later, it’s important to recognize and advocate for the use of passwordless authentication methods wherever feasible. Authentication keys for SSH, biometric authentication, and single sign-on (SSO) are exemplary alternatives that […]
Choosing the Perfect Network Firewall Device for under $300
Embarking on the quest to find the ideal home office, home lab or small business firewall device is akin to navigating a jungle, but let’s narrow it down by setting the budget to under $300 USD. Picture this: your network is already configured and has been working without issue for a while now. You are […]
Firewalla – Home Network Security Firewall Devices
Home network security involves safeguarding the network that interconnects devices like routers, computers, smartphones, and security cameras, both among themselves and with the internet. Regardless of whether the intent of cyberattacks on home networks is personal, the moment a network is online, it becomes exposed to a multitude of external threats. The scale of the […]