How to Secure Nginx with Let’s Encrypt on Ubuntu? Security

How to Secure Nginx with Let’s Encrypt on Ubuntu? Let’s Encrypt is a Certificate Authority (CA) that provides a free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. The process of obtaining and installing a certificate is fully automated on both Apache and Nginx. The following steps describe how to configure Let’s Encrypt SSL... Continue Reading Continue Reading

How to redirect HTTP to HTTPS Using .htaccess? Linux

Browsers such as Chrome and Firefox have started showing security warnings on sites with valid SSL certificates. Without SSL, the website shows up as insecure to the visitors. Hence, it becomes very important to redirect HTTP requests to HTTPS. SSL – Secure Sockets Layer (SSL) is a standard security protocol that is used for establishing... Continue Reading Continue Reading

How to fix for DoS vulnerability in BIND DNS service? Linux

BIND DNS servers versions 9.1.0 to 9.9.7-P1 and 9.10.2-P2 allows remote attacker to exploit an error in handling TKEY queries to launch a Denial of Service (DoS) attack resulting in BIND DNS server to crash. You should consider patching if the cPanel/WHM, Odin Plesk or DirectAdmin servers are not patched. There is no work around... Continue Reading Continue Reading

How to force users to use strong passwords in Debian and Ubuntu distros? Linux

A strong password must have 14 characters which should include one special character, one number and one uppercase and one lowercase. Password shouldn’t be predictable and shouldn’t be based on dictionary words. Some administrators / non-techie users do not understand how important is strong passwords and security. These administrators / non-techie users predictable passwords like... Continue Reading Continue Reading

How to protect your cPanel/WHM server from SSLv3 POODLE vulnerability? cPanel / WHM

Browsers like Firefox and IE reported that SSLv3 is disabled. OpenSSL provides fixes for SSLv3 for major distros. The SSL 3.0 vulnerability through a man-in-the-middle attack can allow an attacker to break into a secure session. The fix is to disable the CBC ciphers in the cPanel/WHM The below script checks the cPanel/WHM server is... Continue Reading Continue Reading

Credentials

Quick Connect With Us