Hiding .env Files using .htaccess

0

Let’s explore how to use .htaccess files to protect your .env file on Ubuntu servers running Apache.

Laravel, PHP, Security, Server Configuration

Hardening Apache Using Security Configuration

2

When setting up a new Apache server to run your application, it’s always a good idea to setup some initial security settings as part of the process. Luckily, Apache comes with a default security.conf file that can be enabled and updated to add basic hardening to your server.

Apache, Hardening, Security

Reporting cPanel cPHulk IPs to Abuse IP DB

2

But did you know that you can configure cPanel, and specifically cPHulk Brute Force Protection to automatically report abusive IPs to the IPAbuse database.

Brute Force, cPanel / WHM, cPHulk, Security

3 Tools to Help Secure Your Server or Website

0

In a recent project, I’ve been liaising with web security experts to carry out security testing on a number of client servers. During my research, I’ve come across various free tools that can help you identify any potential issues.

Auto-Reporting LFD Block Reports to Abuse IP DB v2

10

Due to popular demand, I have upgraded my initial LFD reporting script to use the IP Abuse DB v2 APIs. This post covers the new script and how it can be used. Please read my previous post to understand the background of the script.

Firewall, Hacking, IP Abuse, Security

Auto-Reporting LFD Block Reports to Abuse IP DB

12

I created a PHP script that would allow the CSF / LFD firewall plugin on my server to report IPs that brute-force logins or port scan my server to the AbuseIPDB website. This tutorial shows how I achieved this.

Firewall, Hacking, IP Abuse, Security

Dynamically Adding Passwords to PDFs using PHP

0

In a recent project, I was asked to modify uploaded PDFs to dynamically insert a user specified password to keep files secure. This tutorial shows you how this can be achieved using PDF libraries from Setasign.

PDF, PHP, Security, Tutorial

Securing Your WordPress Site with .htaccess

2

There are many ways to help secure your WordPress website from hackers and other malicious users, including plugins and server configurations. If you’re on a unix based server with Apache installed, you can use some basic htaccess settings to improve security further.

Apache, Security, WordPress

Wildcard SSL Certificates with Let’s Encrypt

0

This tutorial shows you how to create a wildcard SSL certificate using Let’s Encrypt. Let’s Encrypt launched wildcard certificates in March 2018, so the process is relatively new.

Command Line, HTTPS, Let's Encrypt, Linux, Security, Server, SSL

Laravel 5.2: Triggering Password Resets Outside of PasswordController

0

In a recent project I’ve been building a Customer Service Portal where “agents” are allowed to perform certain actions on a user’s account. One of the required features was to send a password reset email to the user. Luckily, this feature is easy to implement thanks to Laravel’s built-in traits.

Laravel 5, Security, Tutorial