Category: Security

Keeping safe

Introducing NGINX App Protect: Advanced F5 Application Security for NGINX Plus

Companies going through digital transformation have clear business imperatives. They include improving the customer experience with modern business applications, adopting agile practices to outpace competitors in the market, and leveraging market advantages to drive new revenue streams. Supporting these efforts are new application architectures that increase development efficiency and incorporate containers, microservices, and APIs. For […]

Read More…

The post Introducing NGINX App Protect: Advanced F5 Application Security for NGINX Plus appeared first on NGINX.

Using the NGINX Plus Key-Value Store to Secure Ephemeral SSL Keys from HashiCorp Vault

In the first two posts in our series about securing SSL keys and certificates during transport and storage, we discussed using tools such as HashiCorp Vault and hardware security modules (HSMs) to secure SSL key and certificate data on disk for NGINX: Secure Distribution of SSL Private Keys with NGINX Protecting SSL Private Keys in […]

Read More…

The post Using the NGINX Plus Key-Value Store to Secure Ephemeral SSL Keys from HashiCorp Vault appeared first on NGINX.

What Is Cyberwar? The Complete WIRED Guide

Not so long ago, stories about cyberwar started with scary hypotheticals: What if state-sponsored hackers were to launch widespread attacks that blacked out entire cities? Crippled banks and froze ATMs across a country? Shut down

NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities

Today we are releasing updates to NGINX Open Source and NGINX Plus in response to the recent discovery of vulnerabilities in many implementations of HTTP/2. We strongly recommend upgrading all systems that have HTTP/2 enabled. In

How to Install and Use Tor Network in Your Web Browser

Privacy Online is becoming a big deal and concerned Internet users are continuously looking for effective methods or tools for surfing the web anonymously for one reason or the other. By surfing anonymously, no can

Ask NGINX | April 2019

Every month, we take a moment to share the expertise of our team, and answer a number of great questions we’ve received from both our customers and open source users. These questions range from how

Protecting SSL Private Keys in NGINX with HashiCorp Vault

In the first post in this series, we describe several approaches to improving the security of your SSL private keys. The post finished with a demonstration of a remote password distribution point (PDP) used to

How to Install Memcached (Caching Server) on CentOS 7

Memcached is an open source distributed memory object caching program that allows us to improve and speed up the performance of dynamic web applications by caching data and objects in Memory. Memcached is also used

How to Setup Two Factor Authentication for SSH on Fedora

Every day there seem to be lots of security breaches reported where our data is at danger. Despite the fact that SSH is a secure way to establish a connection remotely to a Linux system,

How to Generate a CSR (Certificate Signing Request) in Linux

SSL Certificates fall into two broad categories: 1) Self-Signed Certificate which is an identity certificate that is signed by the same entity whose identity it certifies-on signed with its own private key, and 2) Certificates

How to Check Integrity With AIDE in Fedora

AIDE (Advanced Intrusion Detection Environment) is a program for checking the integrity of a file and directory on any modern Unix-like system. It creates a database of files on the system, and then uses that

Best Password Manager: LastPass vs Dashlane vs Bitwarden vs 1Password

Looking for the best password manager to keep your login credentials safe? If you’re reading this post, you probably don’t need me to tell you that it’s a scary world out there when it comes

5 of the Best Online Cloud Backup Services to Keep Your Data Safe in 2019

Looking for a safe place to back up and store all your digital data? This post will help you get started. Here, we’ll look closely at five of the best online cloud backup services to

Tiger – The Unix Security Audit and Intrusion Detection Tool

Tiger is a free, open source collections of shell scripts for security audit and host intrusion detection, for Unix-like systems such as Linux. It’s a security checker written entirely in shell language and employs various

Firejail – Securely Run Untrusted Applications in Linux

Sometimes you may want to use applications that have not been well tested in different environments, yet you must use them. In such cases, it is normal to be concerned about the security of your

Website Speed Optimization: How to Do It in 2019

Over the last few years, there has been an increase in the average page size. In fact, in 2018, on an average, a page size was more than 2 MB! A significant part of this page

How to Configure and Use PAM in Linux

Linux-PAM (short for Pluggable Authentication Modules which evolved from the Unix-PAM architecture) is a powerful suite of shared libraries used to dynamically authenticate a user to applications (or services) in a Linux system. It integrates

Data Breaches: The Complete WIRED Guide

Another week, another massive new corporate security breach that exposes your personal data. Names, email addresses, passwords, Social Security numbers, dates of birth, credit card numbers, banking data, passport numbers, phone numbers, home addresses, driver’s

How to Access a Remote Server Using a Jump Host

A jump host (also known as a jump server) is an intermediary host or an SSH gateway to a remote network, through which a connection can be made to another host in a dissimilar security

How to Install, Configure and Use Firewalld in CentOS and Ubuntu

Firewalld (firewall daemon) is an alternative to the iptables service, for dynamically managing a system’s firewall with support for network (or firewall) zones and provides a D-Bus interface for managing configurations. It’s easy to use