This article provides configurations and shell scripts to run nftables – the newer/better version to replace iptables. This covers rate limiting and blocking. Code for Debian 13 included. NFTABLES & Security Note: If you want to just get things working – this should do it, and you can go back to the .txt data files…
This is an example of nginx.conf with memcached and added security. Nginx Web Server In our travels, we configure web servers such as Nginx, Apache2 or LiteSpeed. I prefer Nginx. Some applications require Apache2. AWS Linux has available a variant of Apache called httpd. Nginx uses /etc/nginx/nginx.conf for the master configuration and a primary website…
AWS provides no password for the root user. If root is locked out, we use a backdoor login with root privileges through the EC2 Console. Configure a Backdoor Login There are cases where root login fails, even after a stop/start of the EC2 instance. A backdoor user login or a rebuild from a snapshot are…
Prior to using a new instance we configure Disk Swap Space for initial installation of packages and ongoing use. Configure Swap Space We remove zram0 on small instances. Swapping compressed data out of RAM memory to swap space freezes the system during a prolonged process – which repeats. This is chronic. Instead, we install classic…
This article provides an overview/approach for security with EC2 Linux and AWS S3 Buckets and SES Email services. It is written for individuals and small operators running cloud services without dedicated security teams. AWS Security with EC2 Linux Example Architecture Overview This simplified diagram shows how the components interact when applying the security approach described…
This article documents lessons learned after recovering from an AWS account compromise. It is written for individuals and small operators running cloud services without dedicated security teams. AWS Security AWS Security – Lessons Learned After an Account Breach This article documents lessons learned after recovering from an AWS account compromise. It is written primarily for…
IT Solutions Architecture and Design Some of the information here is helpful for any IT project, including web designs or placing a developer’s coded applications onto Amazon EC2 or other services. IT Solutions Architecture roles vary among employers based upon need and structures available to them. The role is primarily designed as a mix of…
Project Business Analysis When meeting a client, it is good to chit chat on a few small things to break the ice, and move into discussions. Some people have been “trained” what to ask a client, but are somewhat embarrassing because it is too scripted, not coming from a place of experience or genuineness. The…
Project Business Principles & Best Practice Contract We formally engage a client and their project with a contract. Your business website should provide a simple Terms and Conditions the client can be referred to, even though it is unlikely people read such documents. If you are an individual, it is also unlikely you have the…