IoT Security: 42 Top Internet of Things Security Solutions

After researching IoT security. I’ve decided to maintain a list of companies which offer IoT (internet of things) security tools and solutions. Feel free to share your solutions, feedback and tips for securing IoT devices. This list will continue to grow in the coming days, week, months and beyond. In the aftermath of the 2016 DDoS […]

Nginx tuning tips: TLS/SSL HTTPS – Improved TTFB/latency

Since 30th June 2018, the PCI Security Standards Council requires that support for SSL 3.0 and TLS 1.0 be disabled. TLS 1.1 or higher must be used and TLS 1.2 is strongly recommended. In addition, as of July 2018, Google Chrome began to mark ‘HTTP’ web sites as “not secure”. Over the past few years, the […]

How to Convert OpenSSH keys to Putty (.ppk) on Linux

PuTTYgen is an key generator for creating SSH keys for PuTTY. PuTTYgen is comparable in certain respects to the ssh-keygen tool. PuTTYgen can be used to create public and private key pairs (in .ppk file format). In addition, PuTTYgen can also be used to convert keys to and from other formats. On Windows PuTTYGen is a graphical tool. A command-line version is available for […]

Replacing Cloudflare with CSF Firewall

November 5th 2018 update: I’ve updated this article (the install URL and other minor fixes/improvements). I replaced Cloudflare and thus also Cloudflare Argo with KeyCDN + local firewall and server hardening for this blog as of June 2018. However, do support clients who use Cloudflare and still highly recommend it.  2017 update: With the recent Cloudflare “Cloudbleed” data leak. […]

Is Cloudflare Argo worth it?

Cloudflare Argo reduces network latency on average by 35% and connection errors by 27%. Traditional network technologies use static routing information which can be slower and often use congested paths. Slow loading times and connection timeouts increase the likelihood of poor user experience. The Cloudflare company routes 10% of all HTTP/HTTPS Internet traffic. This provides […]

Generating Secure Passwords for your Linux Server

Very often sysadmins will have to setup new servers or harden existing server passwords during security audits. As a result, secure passwords have to be chosen for root, cPanel accounts, ftp, etc. There are many composite practices that make a server secure, but often overlooked is using secure passwords. Notice that SSH or MySQL root […]

Using CentOS CR (Continuous Release) Repo

CentOS (Community Enterprise Operating System) is a Linux distribution that attempts to provide free, enterprise-class, community-supported computing platform functionally compatible with its upstream source, Red Hat Enterprise Linux (RHEL). CentOS is run by volunteers who work directly with Red Hat’s RPM source files and pushing them to CentOS for release. At times the project will fall behind […]

Patch a thing: Securing Internet of Things (IoT) devices

July 16th 2019 update: List of IoT (Internet of Things) security solutions Today, I spent some time researching IoT security. At the end of this post, I’ve listed companies – all of which are new to me – which offer IoT security solutions. Feel free to share your solutions, feedback and tips for securing IoT devices. […]

3rd DDoS attack today, beginning of a new era

4th Update: 20 min video response by Dale Drew, the chief security officer of Internet backbone company Level 3. 3rd Update: More details emerging “that some of the infrastructure responsible for the distributed denial-of-service (DDoS) attacks against Dyn DNS were botnets compromised by Mirai malware.” says Flashpoint. I’ll continue to update with additional information and important links. 2nd Update: 3rd Attack […]

WordPress Plugin being exploited. Delete inactive plugins

For the past few days an increasing number of WordPress websites have been infected by attackers exploiting a vulnerability in the WordPress plugin: WP Mobile Detector. The plugin with over 10,000 active installs was at one point removed completely from the WordPress repository with no patch available. However, as of today the WP Mobile Detector plugin has been patched […]