Skip to main content

Mod_evasive on IIS

Mod_evasive is a module for Apache and Windows Server IIS (using Helicon Ape), to provide protection and evasive action in the event of an HTTP DoS-, DDoS or brute force attack. Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denies an IP address access to a website if it’s requesting the same page more than 10 times […]

Read More

Create your own PHP based Origin Pull CDN

How to create your own Origin Pull CDN (Content Delivery Network) with just a few lines of PHP code, to boost WordPress’ performance. The advantage of having your website content hosted on a Content Delivery Network (CDN) is having your content distributed and stored across the Globe. Utilizing the network of the Content Delivery Network provider. Hosting your WordPress in a Content Delivery Network is […]

Read More

“Joomla sites misused to deploy malware” – Update

The Internet Storm Center reports that a large number of Joomla sites are currently deploying malicious code and infecting visitors with malware; some WordPress sites are also thought to be affected. The German CERT-Bund⁠ Computer Emergency Response Team, which is operated by the German Federal Office for Information Security (BSI), has confirmed that similar attacks on and via Joomla servers have also been observed in […]

Read More

“htaccess files should not be used for security restrictions”

Many PHP web applications use .htaccess files to restrict access to specific files or directories that may contain sensitive information. For example, in order to restrict access to all files in a specific directory you can create a .htaccess file in that directory containing the string “deny from all”. In many cases it is wrong to impose security restrictions using .htaccess files.

Read More