Published on : October 29, 2019 by Nidhin George
A vulnerability (CVE-2019-11043) was identified which could affect websites running under nginx webserver with PHP-FPM enabled. On October 22, a security researcher has tweeted regarding a freshly patched remote code execution vulnerability in PHP-FPM which exposed the bug . You can find the GitHub repository which provides the proof of concept (PoC) for the vulnerability. […]
Published on : April 19, 2019 by Nidhin George
ASSP is one of the free and open source anti-spam solution available. At the time of this writing, the version released is 2.6.1 and has a plethora of features, which is a good study by itself. Check out the website http://www.thockar.com/assp-home/ for a detailed list of features. However, the configuration and installation of ASSP are often […]
Published on : April 17, 2019 by Nidhin George
For me, a sysadmin is a jack of all, master of few trades. A good sysadmin can play multiple roles effortlessly, in his professional as well as personal life. Once he is into debugging an issue, don’t disturb. That’s the only condition he would have. I agree that its difficult to document how a sysadmin […]
Published on : April 12, 2019 by Nidhin George
Do we need security through obscurity? My answer would be ‘yes‘, we need security through obscurity as well. Well changing the ssh port from the default 22 to a non-default one is desired and is recommended by me. But do not simply rely on this method though for SSH security. On a publicly accessible server […]
Published on : April 10, 2019 by Nidhin George
WordPress based websites sometimes show a 500 internal server error and in some cases, you get a white screen instead of the error. There can be many reasons for this error, but primarily two which accounts for 80% of the cases. Let’s discuss the scenarios in detail. Primary reasons Wrong entries in .htaccess (assuming that […]