CloudInsidr

Cyber security, infotech

Join us on Twitter: @CloudInsidr

Home Archives for cloud, edge and everything in between administration and orchestration
A cybersec showdown of the clouds: cyber security on AWS versus Microsoft Azure

Leave a Comment

A cybersec showdown of the clouds: cyber security on AWS versus Microsoft Azure

[Updated May 16, 2018] AWS and Microsoft, the two leaders in the race for the best cloud infrastructure, have recognized cyber security as a barrier of adoption. Cyber security professionals are weary of migrating workloads into public cloud environments as it may carry significant risks. Thus, Amazon and Microsoft have developed specialized services to help safeguard users’ cloud infrastructure and data.

This post discusses ways to mitigate cyber threats and launch a cyber defense on AWS and Azure.

[Read more…]

How to verify the remaining validity of your letsencrypt certificates

Leave a Comment

How to verify the remaining validity of your letsencrypt certificates

In order to figure out how many days your letsencrypt certificates have left, you could check an online services such as:

https://www.ssllabs.com/ssltest/index.html

However, that won’t work for a mail server that’s not also running a web server using the same certificate.

In this case, your best bet is to check the certificate file directly using the openssl command as follows:

openssl x509 -noout -dates -in /etc/letsencrypt/live/smtp.yourmailserverdomainname.com/cert.pem
Maximize your PHP session security by fixing errors and closing the session adoption vulnerability that allows session fixation attacks

Leave a Comment

Maximize your PHP session security by fixing errors and closing the session adoption vulnerability that allows session fixation attacks

When the server can’t write to the session data directory, if will use /var/cache/nginx/fastcgi_temp/ and complain in the error log. You don’t want any of these errors, but a setting considered insecure will not even be reported as such. Here is how to bolster your PHP 7 session security with NGINX and php-fpm.

[Read more…]

How to set up remote access via SFTP to a web server root directory on RHEL/CentOS/Fedora using key pairs

Leave a Comment

How to set up remote access via SFTP to a web server root directory on RHEL/CentOS/Fedora using key pairs

Your users want to access a web server instance as a staging or production environment for DevOps… They want access to the web server document root of the sites they manage. Your job is to maintain the integrity of the whole system in terms of cyber security.

If you happen to be running a web server on Linux—for example in EC2 on Amazon AWS—and need to provide site owners remote access in a secure and responsible manner, here is how to do it.

[Read more…]

©2022 CybrAnalytiqa OÜ