Whenever WordPress is using a lot of CPU and you have Wordfence Security plugin enabled, it is recommended to double check some settings. Unfortunately the Wordfence “Live Traffic Options” (“Traffic logging mode”) feature can cause high CPU usage and load issues for WordPress websites. Therefore, I recommend you disable this feature to improve the performance of your WordPress website.Continue reading
Microsoft is pleased to announce the final release of the security configuration baseline settings for Windows 10 version 1903 (a.k.a., “19H1”), and for Windows Server version 1903.Continue reading
Since WannaCry and Petya ransomware were spreading through Windows systems in 2017, it’s recommended to have Server Message Block version 1 (SMBv1) disabled in Windows clients and Windows Server. Now SMBv1 is not installed by default in Windows 10 1709 and Windows Server, version 1709 and later, but how can you be sure it is disabled in older Windows versions? Easy, use PowerShell.Continue reading
Apache Access Control done right, ‘Allow/Deny from all’ versus ‘Require All Granted/Denied’
Since Apache 2.4.6, a new module is used to configure and set up access control for websites: mod_authz_core. This means you have to use a different syntax for allowing or blocking hosts and IP addresses to your website. But unfortunately, old documentation is never updated and people even still write blog posts using that old syntax, leaving you with an unprotected website. Not what you had in mind, now is it?…Continue reading
Connect to MySQL from PHP PDO using an SSL encrypted connection
If you want to connect securely to your MySQL database over SSL using PHP Data Objects (PDO), here is how…Continue reading
A cheat-sheet for password crackers that may come in handy sometime, by m3g9tr0n.
Ryan McFarland writes on his blog:
“Privilege escalation always comes down to proper enumeration. But to accomplish proper enumeration you need to know what to check and look for. This takes familiarity with systems that normally comes along with experience. At first privilege escalation can seem like a daunting task, but after a while you start to filter through what is normal and what isn’t. It eventually becomes easier to know what to look for rather than digging through everything hoping to find that needle in the haystack. Hopefully this guide will provide a good foundation to build upon and get you started.”
There are a lot of hints & tips out there for troubleshooting SPNs, or Service Principal Names. Listing duplicate SPNs is fairly easy, just use
setspn -X on your command-line and you’ll find out. But how do you find out which SPNs are used for which users and computers are used for this?
There is another VERY IMPORTANT THING with Microsoft Meltdown patches like update KB4056892: –
Customers will not receive these security updates and will not be protected from security vulnerabilities unless their anti-virus software vendor sets the following registry key:
Acunetix 11 Review by Help Net Security. Acunetix is one of the biggest players in the web security arena. The European-based company released the first version of their product back in 2005, and thousands of clients around the globe use it to analyze the security of their web applications. They recently unveiled Acunetix version 11, so Help Net Security decided to take it for a spin.
A short post for my colleagues at the customer support and anyone else wondering the same: how to turn off the FTP over TLS default in FileZilla?
When you have just installed your new Windows Server, with or without IIS as web server, it is important to take a few extra security measurements. Securing your server is important to keep hackers out and your data safe. This article shows
3 4 key steps in securing your Windows Server web (IIS) or file server.
Disable SMBv1 to prevent prevent Petya / NotPetya, WannaCry / WanaCrypt0r ransomware spreading through your network. These worm viruses exploit a vulnerability in Windows Server Message Block (SMB) version 1 (SMBv1), and spread like wildfire. It is urged you disable SMBv1 in your Windows variant (Windows 10, 8.1, Server 2016, 2012 R2), and here is how if you haven’t done so yet.Continue reading
Microsoft Security Advisory 4021279: Microsoft is releasing this security advisory to provide information about vulnerabilities in public .NET Core and ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications correctly.
Andrew Douma, a vendor-neutral consultant, writes in Penetration Testers’ Guide to Windows 10 Privacy & Security: