security – Page 35 – Linux Consultant

September 2, 2020 | by Scott Kilroy

700,000 WordPress Sites Affected By Zero-day Vulnerability in File Manager Plugin

Yesterday a zero-day vulnerability was discovered in a popular WordPress plugin, File Manager. The vulnerability allows arbitrary file upload and remote code execution. File Manager plugin is a useful plugin that allows users to browse site files in an easy way. The plugin has over 700,000 active installations that make…

The post 700,000 WordPress Sites Affected By Zero-day Vulnerability in File Manager Plugin appeared first on Linux Tutorials, FOSS Reviews, Security News.

April 3, 2019April 4, 2019 | by Scott Kilroy

Stop image hotlinking on NGINX

If you think it’s possible that someone is linking to images hosted on your site add the following to you nginx config file # Stop deep linking or hot linking location /images/ { valid_referers none blocked www.linuxconsultant.org linuxconsultant.org; if ($invalid_referer) { return 403; } } Or if you want to be a wiseguy and replace the hotlinked image with something else # Stop deep linking or hot linking location /images/ { valid_referers none blocked www.linuxconsultant.org linuxconsultant.org; if ($invalid_referer) { return […]

June 19, 2018 | by Scott Kilroy

Kill all process associated with a user

skill -TERM -u USERNAME

June 19, 2018 | by Scott Kilroy

Force a user off the system

slay USERNAME

June 19, 2018June 19, 2018 | by Scott Kilroy

Linux Security

“Yes, I’m paranoid — but am I paranoid enough?” ― David Foster Wallace, Infinite Jest Hardening Public Servers Install system accounting On Debian based systems run ‘apt-get install acct’ then you can use commands lastcomm and sa to see who ran various comands. Also a log file will be writen to /var/log/account/pacct Remove compilers from production severs use the command ‘apt-get –purge remove gcc’ Setup remote logging See http://www.thegeekstuff.com/2012/01/rsyslog-remote-logging/ to find out how Install fail2ban Linux.com has a good intro to fail2ban http://www.linux.com/learn/tutorials/469597-weekend-project-keep-out-repeat-offenders-with-fail2ban-on-linux

April 17, 2011 | by Arround The Web

My New Book on Squid Proxy Server (A Beginner’s Guide)

I have not blogged since a long time mainly because I was a bit busy authoring a book Squid Proxy Server 3.1: Beginner’s Guide for Packt Publications. The book is an introductory guide to Squid (especially the new features in Squid-3 series) covering both the basic aspects as well as the in dept details for … →