Questions tagged [security]

Security is not a product, but a process.

Filter by
Sorted by
Tagged with
0
votes
1answer
27 views

Decrypt file for specific session in CentOS 7

I am looking for a way to encrypt my file that can be decrypted for the current terminal session. The moment we exit the session, it gets encrypted again. A use case for this scenario would be: Let's ...
0
votes
0answers
18 views

Azure Database for PostgreSQL server - Deny public network access

I have created a private endpoint connection for an azure postgres database, and then set 'Deny public network access' to Yes. Now, even though my own ip address is still in the Firewall rules list, I ...
0
votes
0answers
17 views

How to find what makes my website speed less?

about some days ago we have found our users with one of our min Internet Carrier have speed problem with our website. after investigation we have found that the speed of website content download slow ...
0
votes
0answers
26 views

Are requests with no headers a sign of hacking?

I run a NodeJS web application with packages up to date and secured with a strong password and RSA for ssh. The application runs on two domains. I check the request headers to get the domain and found ...
0
votes
0answers
25 views

Linux pam_time with groups

How do I allow /etc/security/time.conf to be able to restrict groups instead of users? It works flawlessly with users but not with groups. I need to have multiple groups in my case.
-1
votes
0answers
35 views

Server-side Apache firewall questions. Getting pwned (maybe) with Cloudflare DDOS Protection turned on, cowboy coding gone wrong

So, for the past few months I’ve been working on a portfolio WordPress Site. I host and operate this website myself on an Apache2 Server, regular lamp stack. Due to the fact that I am cowboy coding ...
1
vote
2answers
89 views

nginx disable directory browsing not working

I have a Django application in production and my web server is Nginx. My application is located at /home/rouizi/blog and let say my domain name is example.com. I want to prevent that users can read my ...
0
votes
1answer
78 views

Preventing directory traversal in nginx ingress in Kubernetes

I have the following ingress defined: --- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: someName namespace: test annotations: kubernetes.io/ingress.class: "ingress-public&...
-1
votes
1answer
44 views

LocalAccountTokenFilterPolicy being reset to 0 at boot

I am trying to use the Windows 2016 STIG AMI from Amazon with Packer. I am able to get WinRM to successfully work by setting the LocalAccountTokenFilterPolicy setting to 1 (disabled), but as soon as I ...
0
votes
0answers
23 views

Is it possible to ensure detection and logging of all attempts to copy data out of a system?

Say I have a server set-up for processing sensitive data. The few authorised users of the system are instructed not to copy any of the sensitive data out of the platform, but could in principle do so ...
0
votes
0answers
39 views

iptables DROP vs REJECT on http

I am trying to understand iptables and begin my hand-on today. I was trying to set rules for my http server. I have had accept rules initially, and I was able to successfully perform a wget. Later, I ...
0
votes
1answer
31 views

KVM - My switch can manage ACLs, when I create bridged VMs (KVM), does the switch see them as “ports”?

My Cisco Switch has some nifty L3 features like ACLs I will have one of my physical hosts running KVM with multiple VMs. They are networked in bridged mode. I'm not overly familiar, but want to ...
1
vote
1answer
35 views

Hiring a contractor to migrate databases and websites. What kind of security plan should I put in place to mitigate risks?

We have a physical machine serving databases and websites. We want to contract a consultant for this planned migration from the older physical Windows machine to an up to date brand new Virtual ...
-1
votes
0answers
29 views

How to secure offline devices

I'm having devices that doing some stuff. The devices will be on customers' sites and each device will have a dashboard. the dashboard can be accessible in the local network of the customer (e.g: ...
0
votes
1answer
81 views

Ubuntu server best practice to backup and restore linux file system

so i have a really important question, and need some advise about linux server OS backup and restore. There is plenty information on google, other sources, but don't have much time to test every ...

15 30 50 per page
1
2 3 4 5
431