[d0x3d] is a boardgame designed for informal security education, this is an incredibly fun game that proactively teaches about network integrity and the security of information. Inspired by Forbidden Island, d0x3d! and is released under an open source license. It requires only a small number of people but packs a very powerful lesson. Incorporating it [...]
Around 2 years ago I wrote an article about fail2ban.
Fail2ban is an intrusion prevention framework written in the Python programming language. It is able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally (such as, iptables or TCP Wrapper).
Fail2ban’s main function is to block selected IP addresses that may belong to hosts that are trying to breach the system’s security. It determines the hosts to be blocked by monitoring log files (e.g. /var/log/pwdfail, /var/log/auth.log, etc.) and bans any host IP that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator.
Today I want to show you some configurations that you can use to improve the security of your Apache.