For quite some time it seemed as if cyber vulnerabilities in the Java ecosystem would be losing ground. Instead, it was the calm before the storm: a vulnerability in the Log4j library threatens web servers and other applications in a variety of ways.
In an administrator’s quest to get stuff done, SELinux tends to get in the way. It is being perceived as a nuisance rather than a feature and this happens mostly for only one reason: setting correct SELinux labels requires the ability to figure out the appropriate SELinux security contexts. Here is how to do it.
[Updated 2020-12-04] This post explains how to set up robust security headers in NGINX to protect your web application from malicious payloads and other forms of attacks. Choose your HTTP(S) headers wisely.
Problems signing in to AWS? When the login page “Sign in as IAM user” repeatedly says: “Your authentication information is incorrect. Please try again” though you entered correct information, your Gemalto token generator for MFA authentication could be out of sync.
Who wants to issue certificates manually if they can take Letsencrypt’s Certbot to the task.