Read The Blog Post View more…

Linux: JPEG/PNG Image Optimisation (Command Line)

Images are a integral part of any website and often occupy a significant portion of a website. As a result, optimising images can save some of the largest bytes and improve performance for your website.

The fewer bytes the browser has to download, the less time the user is waiting for the page to render resulting in a faster website and better user experience.

Read On…

Disable WordPress RSS Feed.

A feed is a function of special software that allows feedreaders to access a site, automatically looking for new content and then posting the information about new content and updates to another site. This provides a way for users to keep up with the latest and hottest information posted on different blogging sites.

There are several different kinds of feeds, read by different feedreaders. Some feeds include RSS (alternately defined as “Rich Site Summary” or “Really Simple Syndication”), Atom or RDF files.

Source: WordPress Codex

Read On…

WordPress Embedded video with Image Overlay.

After spending a good time searching on how to place an image over a video in wordpress, i know i know, its not really that hard of a task but due to a couple of other tasks on at the same time i proved annoying during the spare 10 minutes i had between tasks.

Multiple google searches flagged up multiple HTMl / CSS implementations that yes they did work and after some testing they were semi suitable for the application.

Read On…

Network Security Assessment Methodology

The best practice assessment methodology is used by determined attackers and network security consultants involves four distinct high-levels components:

  • Network reconnaissance to identify IP networks and hosts of interest
  • Bulk network scanning and probing to identify potential vulnerable hosts
  • Investigation of vulnerabilities and further network probing by hand
  • Exploitation of vulnerabilities and circumvention of security mechanisms

Read On…

Better site performance through Apache .htaccess

Web performance is becoming a large factor on many web applications currently developed, and is a large topic within web development, and has became a factor in google search since the back end of 2014.

Compress content

Compression reduces the response time by reducing the size the HTTP request.

its a worthwhile to implement gzip your HTML documents, scripts & css.

images and downloadable files should be compressed via other means, using image compression.

To compress your web documents with apache  use of mod_deflate

Read On…

Operating System Hardening – Working with Services

Services are programs that run when the operating system boots, and they are often are running in the background without the users interacting directly with them. Many services are quite important -even critical. However a service can provide an attack vector that someone could exploit against your system, so be sure to enable only those services that are absolutely required. Part of operating system hardening is disabling unnecessary service on your windows computer (any version – from XP to windows 8 or windows server 2012), you first select the control panel and then select Administrative Tools.

The remote registry service is shown. This service is used to allow technical support personnel to access that systems registry remotely. The service can be quite usefully in some situations, but it can also function as a means for an attacker to get into your system. If you don’t need it, turn it off. The issue is not that a given service is “bad”; it is more of an issue of ensuring that you know what services to run (or not). Windows also provides a brief summary of what the service does and any services that depend on that service. If you don’t know what a service does, then you should probably leave its default setting.
Read On…

Monitoring Networks

It is important to monitor the network and make sure that the traffic on it belongs then. In this section, we will explore basic network monitors

Network Monitors

Network monitors, also called sniffers, were originally introduced to hep troubleshoot network problems. Simple network configuration programs like Ipconfig don’t get down on the wire and physically happening on a network. Instead, examining the signalling traffic that occurs on a network requires a network monitor.
Read On…

Enable SSH Login Notification on Linux

Is the Linux server utilized by multiple customers? If that’s the case, attempt to add an SSH login notification whenever someone logs in.

The good example below send’s an e-mail if somebody logs to your server. With this to operate, your server must have the ability to send mail while using mail command.

Replace YOUR_EMAIL_ADDRESS with the email address that you want to receive login notifications.


Open the file ~/.bash_profile in a text editor.

Append the following lines:
Read On…

Disaster Recovery

Disaster recovery is the ability to recover system operations after a disaster. A key aspect of disaster recovery planning is designed a comprehensive backup plan that includes backup storage, procedures, and maintenance. Many options are available to implement disaster recovery. The following sections discuss backups and disaster recovery planning.

Types of Backup

Backups are duplicate copies of key information, ideally stored in a local other than the one where the information is stored currently. Backups include both paper and computer records. Computer records are usually backed up using a backup program, backup systems, and backup procedures.
Read On…

Redundant Array of Independent Disks

Redundant Array of Independent Disks (RAID) is a technology that uses multiple disks to provide fault tolerance. There are several designations for RAID levels.


Raid Level 0

RAID 0 is disk striping. It uses multiple drives and maps them together as signal physical drive. This is done primarily for performance, not for fault tolerance. If any drive in a RAID 0 array fails, the entire logical drive becomes unusable.
Read On…

Identifying Critical Systems and Components

Sometimes your systems are dependent on things that you would not normally consider. Basic utilities such as electricity, water, and natural gas are key aspects of business continuity. In the vast majority of cases, electricity and water are restored – at least on an emergency basis – fairly rapidly. The damage created by blizzards, tornadoes, and other natural disasters in managed and repaired by utility companies and government agencies. Other disasters such as a major earthquake or hurricane, can overwhelm these agencies, and services may be interrupted for quite a while. When these types of events occur, critical infrastructure may be unavailable for days, weeks, or even months.

When you evaluate your business’s sustainability, realize that disasters do indeed happen. If possible, build infrastructure that doesn’t have a single point of failure (SPOF) or connection.; After the September 11, 2001 terrorist attack on the World Trade Centre (WTC), several ISP’s and other companies became non-functional because the WTC houses centralized communication systems and computer departments. If you’re the administrator for a small company, it is not uncommon for the SPOF to be router/gateway. The best way to remove an SPOF from your environment is to add redundancy.
Read On…

Understanding Control Types False Positives/Negatives

Risk Assessment / Analysis involves calculating potential risks and making decisions based on the variables associated with those risks (likelihood, ALE, impact, and so forth). Once you’ve identified risks that you want to address with actions other than avoidance, you put controls in place to address those risks.

The national institute of standards and technology (NIST) places controls into various types. The control Types fall into three main categories: Management, Operational, and Technical, as defined in special publications 800-12. Table 1.3 list the controls the control types and the control they are associated with.
Read On…

Securing wp-login.php with Fail2Ban


With the recent dictionary attacks becoming a daily occurrence on WordPress, I installed a simple configuration for fail2ban that requires no access to the backend of each site you host and works as a integral part of any linux server system alongside iptables. This should protect all the sites on a server from being attacked by a lone attacker or a botnet.
Read On…

Developing Policies, Standards, and Guidelines

The process of implementing and maintaining a secure network must first be addressed from a policies, standards, and guidelines perspective, This sets the tone, provides authority, and gives your efforts the teeth they need to be effective. Policies and guidelines set a standard of expectation in an organization, the process of developing these policies will help everyone in an organisation become involved and invested in making security efforts successful.  You can think of policies as providing high-level guidance on large issues.

Standards tell people what is expected, and guidelines provide specific advice on how to accomplish a given task or activity.

We will discuss the policies, standards, and guidelines you’ll need to establish in order for your security efforts to be successful.

  Read On…

Risks Associated with Virtualization

If Cloud computing has grown in popularity, virtualization has become the technology du jour, Virtualization consists of allowing one set of hardware to host multiple virtual machine. Its is in use at most large corporations, and it is also becoming more common at smaller businesses.

Some of the possible security risks with virtualization include the following:
Read On…

Risks Associated with Cloud Computing

The term cloud computing has grown in popularity recent, by few agree on what it truly means. For the purpose of security+, cloud computing means hosting services and data on the internet instead of locally. Some examples of this including running office suit applications such as office 365 or Google Docs from the web instead of having similar applications installed on each workstation; storing data on server space, such as Google Drive, Sky Drive or Amazon Web Services; and using cloud-based sites such as

Read On…

Apache: Log Management: SetEnvIf

maintenance on an Apache2 webserver takes a bit of fine tuning to get everything logging perfectly to our specifications. Apache has excellent logging capability and these logs, if properly maintained are an excellent information resource for any administrator or web analyst.

However, if unmanaged these logs can get too large to handle and cumbersome to explorer for errors or unauthorized access.
Read On…