...here is some more technical information about HSTS in IIS, and other security headers… Learn how to enable HTTP Strict-Transport-Security (HSTS) in Windows Server IIS and enhance your website’s security....
...Policy Object Network Security: Extended Protection for Authentication available at: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options. Enable this one. Extended Protection for Authentication GPO Hardened UNC Paths Enabling Hardened UNC...
...clients (set to $false) on # your virtual FTP Site in IIS. #> Set-WebConfigurationProperty -Filter /system.ftpserver/security/ipsecurity -Name allowUnlisted -Value "True" -PSPath 'IIS:' Set-WebConfigurationProperty -Filter /system.ftpserver/security/ipsecurity -Name allowUnlisted -Value "False" -PSPath...
Windows Hello Security: Touch your security key
...misspelled or defined by a module not included in the server configuration I find it hard to believe so called “WordPress Security” companies still write posts explaining the old, non-functional,...
Lego security officer keeping your sites secure
...Security Update KB4570334 NT AUTHORITY\SYSTEM 8/12/2020 12:00:00 AM DESKTOP-JS… Security Update KB4577266 NT AUTHORITY\SYSTEM 9/9/2020 12:00:00 AM DESKTOP-JS… Security Update KB4580325 NT AUTHORITY\SYSTEM 10/14/2020 12:00:00 AM DESKTOP-JS… Security Update KB4586864...
...); if( $xmlnodes->length > ) { $security_node = $xmlnodes->item( ); $security_node->appendChild( $ipsecurity_node ); } else { $security_node = $doc->createElement( 'security' ); $security_node->appendChild( $ipsecurity_node ); $xmlnodes = $xpath->query( '/configuration/system.webServer' ); if(...
...enable HTTP Strict-Transport-Security (HSTS) on IIS, HTTP Strict Transport Security (HSTS) is a web security policy mechanism which is necessary to protect secure HTTPS websites against downgrade attacks, and which...
...security by obscurity (are you?), removing common server response headers is often advised by security experts. Attackers might gain a lot of information about your server and network, just by...
...unintended network connections. Improves security: Mitigates the risk of unauthorized access to your resources, including databases. Aligns with security best practices: Encourages adherence to the principle of least privilege and...
...the on-screen instructions and touch your YubiKey when requested. Switch YubiKey and execute this step again. Done Windows Hello Security: Touch your security key You’re all done. Ssh config file...
...2016-09-07: Apparently, the securitysucks.info domain no longer exists and the post is unavailable. I’ve copied the full text below for you. Please note this was released on securitysucks.info on September...
...encountered this as the result outcome of a security scan. Security by obscurity is one reason to hide the file extension in URLs, if you don’t want others to know...
...F|forbidden flag: RewriteEngine On RewriteRule ^.*.php$ - [F,L] Why did I start this article with Preferably without the use of a security plugin Because most security plugins are easy to...
...Advanced Security. Using PowerShell ofcourse. This post explains how to bulk add IP addresses in Windows Firewall, list an IP address and how to remove all IP addresses from Windows...
...the configured maxUrlLength value” 3 Ways of blocking sendmail.php on IIS webserver IIS-NetFxExtensibility45 IIS-HealthAndDiagnostics IIS-HttpLogging IIS-RequestMonitor IIS-HttpTracing IIS-URLAuthorization IIS-IPSecurity IIS 10.0 FTP IP Security allow list (can also be used...
...Protip: while you’re at it read my important 4 security measurements for Windows Server & IIS. Also, verify you’ve disabled SSLv3, TLS 1.0, and TLS 1.1. Acunetix provides you with...
...Transfer Protocol whereby an SMTP client may log in using an authentication mechanism chosen among those supported by the SMTP server. What is Transport Layer Security (TLS)? Transport Layer Security...
...<httpRedirect enabled="false" destination="https://example.com" httpResponseStatus="Permanent" /> Don’t forget to enable HTTP Strict-Transport-Security (HSTS) on IIS. HSTS improves security and prevents man-in-the-middle attacks, downgrade attacks, and cookie-hijacking. And there are a number...
