Cybersecurity in the Age of the Machine
[Updated 2019-03-17] Are you wondering why some JavaScript code from external domains simply won’t execute on your website? The reason could be as simple as an overly restrictive Content Security Policy (CSP for short). This article explains how you can create a Content Security Policy that’s both protective and functional. It will help you to secure your web server from some types of cross-site request forgery (XSRF/CSRF/XFS), clickjacking and other code injection attacks.
Some WordPress installations stubbornly refuse requests for a password reset link, showing the user this error message instead:
The email could not be sent. Possible reason: your host may have disabled the mail() function.
WordPress’ error massage is anything but insightful. The underlying cause usually involves SELinux. Let us introduce you to an easy fix that does not involve plug-ins or external email services. Buckle up.
There are two major no-nos when it comes to writing NGINX redirects:
Instead, use ol’ good location blocks. But what if you have plenty of URIs to redirect? How do you deploy RegEx magic with NGINX? Easy.
It doesn’t take rocket science to set up and run a website (or a couple hundred of them) in the AWS cloud. Here is a down-to-earth, step-by-step primer for adventurous newbies.
Installing PHP on the Red Hat family—Fedora, RHEL, CentOS 7—is a must for cyber security and it’s not rocket science. With a few easy steps, you too can bring your PHP based web applications to the next level.