Linux Commands frequently used by Linux Sysadmins – Part 4

We are now up to part 4 of this five-part series entitled: Linux Commands frequently used by Linux Sysadmins. By the end of this series, we will cover at least 50 commands. Thus far, we touched on around 40 commands often used by Linux Sysadmins and power users. Refer to Part 1, Part 2, and Part 3. Let’s […]

How to install vsftpd on CentOS 8 for FTP with Security

Disclaimer: It’s strongly recommended that you use SSH and SFTP (SSH File Transfer Protocol) instead of FTPS (FTP with Security). FTPS is now obsolete. SFTP is installed by default on Unix, Linux, and Mac systems as part of the OpenSSH package and is supported by almost all free and commercial file transfer tools. (i.e. Filezilla, Cyberduck) If for some reason you still […]

Using CentOS CR (Continuous Release) Repo

CentOS (Community Enterprise Operating System) is a Linux distribution that attempts to provide free, enterprise-class, community-supported computing platform functionally compatible with its upstream source, Red Hat Enterprise Linux (RHEL). CentOS is run by volunteers who work directly with Red Hat’s RPM source files and pushing them to CentOS for release. At times the project will fall behind […]

Enable Automatic Updates – Fedora/Red Hat/CentOS + Bonus Tip

As a reminder, Red Hat Enterprise Linux is based on Fedora Linux and CentOS is a 100% compatible rebuild of Red Hat Enterprise Linux. With that out of the way, lets move on. Linux server security is crucial to Linux server administration. Part of keeping Linux servers secure, is to install security updates shortly after they […]

How to Enable Unattended Upgrades on Ubuntu/Debian

Linux server security is of critical importance to sysadmins. One central part of keeping Linux servers secure, is by installing security updates in a timely manner. Too often there are compromised servers on the internet due to pending security updates waiting for a manual update. On both Ubuntu and Debian, the unattended-upgrades package can be configured […]

How to Set Up an Nginx Certbot

If you are looking to automate the process of obtaining, installing, and updating TLS/SSL certificates on your web server, then Let’s Encrypt is a very useful tool. It is a certificate authority (CA) that comes packaged with a corresponding software client, Certbot, that will automatically install TLS/SSL certificates. This means that you can run encrypted HTTPS […]

IoT Security: 42 Top Internet of Things Security Solutions

After researching IoT security. I’ve decided to maintain a list of companies which offer IoT (internet of things) security tools and solutions. Feel free to share your solutions, feedback and tips for securing IoT devices. This list will continue to grow in the coming days, week, months and beyond. In the aftermath of the 2016 DDoS […]

Nginx tuning tips: TLS/SSL HTTPS – Improved TTFB/latency

Since 30th June 2018, the PCI Security Standards Council requires that support for SSL 3.0 and TLS 1.0 be disabled. TLS 1.1 or higher must be used and TLS 1.2 is strongly recommended. In addition, as of July 2018, Google Chrome began to mark ‘HTTP’ web sites as “not secure”. Over the past few years, the […]

How to Convert OpenSSH keys to Putty (.ppk) on Linux

PuTTYgen is an key generator for creating SSH keys for PuTTY. PuTTYgen is comparable in certain respects to the ssh-keygen tool. PuTTYgen can be used to create public and private key pairs (in .ppk file format). In addition, PuTTYgen can also be used to convert keys to and from other formats. On Windows PuTTYGen is a graphical tool. A command-line version is available for […]

Replacing Cloudflare with CSF Firewall

November 5th 2018 update: I’ve updated this article (the install URL and other minor fixes/improvements). I replaced Cloudflare and thus also Cloudflare Argo with KeyCDN + local firewall and server hardening for this blog as of June 2018. However, do support clients who use Cloudflare and still highly recommend it.  2017 update: With the recent Cloudflare “Cloudbleed” data leak. […]