securityTag Archive

SETTING MAX PASSWORD LOGIN ATTEMPTS PER SESSION In CENTOS -7 Date Posted : 27/02/2019 Introduction For every session, it is essential to set a max password login attempt. This helps to ensure that unauthorized users are prevented from attempting a brute force attack on the server. In most cases, you… Continue Reading SETTING MAX PASSWORD LOGIN ATTEMPTS PER SESSION In CENTOS -7

Block wp-login.php based on country through mod_security Date Posted: 17-02-2018 WordPress is popular CMS which receives large number of DDOS login attempts generally. As a system administrator or site owner, if we dont feel that the traffic is not genuine from some other country, we can restrict wp-login.php   only from… Continue Reading Block wp-login.php based on country through mod_security

WordPress post xmlrpc.php attack Prevention Date Posted: 17-07-2017 This post explains on how to prevent xmlrpc.php attack on wordpress website. If we seen below error or continuous POST request to xmlrpc.php on access log will be best way to identify attack. 2017/07/17 06:25:46 [error] 14858#14858: *411668 connect() to unix:/run/php/php7.0-fpm.sock failed… Continue Reading WordPress post xmlrpc.php attack Prevention

Date Posted:24/03/2017 By default, webserver version, OS information will be visible to public which consider as a security problem because its not a good practice to expose server information. This may result in hackers to intrude your server incase if any vulnerability. So, its always good to hide all server… Continue Reading Hide Webserver information|Modify Server Header on Nginx

This website stores cookies on your computer. These cookies are used to provide a more personalized experience and to track your whereabouts around our website in compliance with the European General Data Protection Regulation. If you decide to to opt-out of any future tracking, a cookie will be setup in your browser to remember this choice for one year.

Accept or Deny