How to configure SSH public key authentication for Windows Server in Active Directory (AD)? If you want to be able to log on to your Windows Servers through Win32 OpenSSH, you can make use of SSH public key authentication through a ~/.ssh/authorized_keys file. But if you have tens (hundreds) of servers and/or users, perhaps it’s …
Retrieve SSH public key from Active Directory for SSH authentication Read More »
Yesterday, I showed you how to block IP addresses in Windows Firewall using PowerShell. This comes in handy when blocking IP addresses that are brute-force attacking your servers. In this short post I’ll show you how to bulk add IP addresses in Windows Firewall, list an IP address and how to remove all IP addresses …
How to add, list and remove IP addresses in Windows Firewall Read More »
This PowerShell solution blocks IP addresses that are trying to brute force your SQL Server logins, by blocking IP addresses in Windows Defender Firewall with Advanced Security. For the time being, some manual labor is involved, but it is still manageable. You can use this to create your own solution to block offending IP addresses …
Long story short: During the transition of antivirus software to Windows Defender Antivirus (WinDefend), I don’t want Windows Defender remediation on threats it might find. Later, when I have more information about potential threats, I can always choose to remediate that threat, e.g. quarantaine or remove it. Unfortunately, there is no PowerShell cmdlet to configure …
Don’t want to copy over your ssh keys from Windows to WSL Linux? Or generate new ones? Then share your Windows OpenSSH key with WSL! The OpenSSH config gives you the option to share keys using an IdentityFile directive. Here is how you can share your keys between Windows 10 and WSL.
This is how I resolved the error message “Get-MpComputerStatus : The extrinsic Method could not be executed.“, in my specific situation.
If you want to quickly delete all saved Remote Desktop credentials from your Windows 10 Credentials Manager, here is how:
I wrote about enabling HTTP Strict Transport Security (HSTS) in IIS earlier. But what about enabling HSTS in Apache .htaccess? Here is how.
Securing privileged access is a critical first step to establishing security assurances for business assets in a modern organization. The security of most or all business assets in an IT organization depends on the integrity of the privileged accounts used to administer, manage, and develop. Cyber-attackers often target these accounts and other elements of privileged access to gain access to data and systems using credential theft attacks
Show the number of registered WordPress users in At-a-Glance widget Often when a WordPress site is compromised, the website owner doesn’t notice anything strange at first. First a lot of users are created, and it’s only later when posts filled with spam are created or existing pages/posts edited. In the time between compromise and creation …
Count and display number of WordPress users in your Dashboard Read More »
On a daily bases, new vulnerabilities are found in WordPress plugins. And when you host thousands of WordPress sites, you can count on the fact you have some customers using that vulnerable version of that particular plugin. So you need to find those vulnerable versions on your servers fast. On Windows Server, PowerShell is a …
Find vulnerable WordPress plugin versions fast using PowerShell Read More »
Secure wp-content/uploads in Linux Apache and Windows Server IIS It’s recommended to disallow access to and execution of PHP files in wp-content/uploads folder. Preferably without the use of a security plugin. Blocking access to PHP files in WordPress wp-content/uploads folder is easily achieved with a .htaccess file on Linux Apache, or web.config accesssPolicy in Windows …
Disallow direct access to PHP files in wp-content/uploads/ Read More »
Create a random string in Bash easily. You can use this Bash function in your .bashrc file to generate a random alphanumeric string. This comes in handy when you need to generate a long, secure password for example. Adjust to your needs.
In this post I’ll show you how to configure an IP whitelist for IIS FTP Server using PowerShell iisadministration and webadministration modules
Whenever WordPress is using a lot of CPU and you have Wordfence Security plugin enabled, it is recommended to double check some settings. Unfortunately the Wordfence “Live Traffic Options” (“Traffic logging mode”) feature can cause high CPU usage and load issues for WordPress websites. Therefore, I recommend you disable this feature to improve the performance …
Reduce Wordfence CPU usage, disable Wordfence “Live Traffic View” Read More »
