This article is focused on generating a CSR file, submitting it to a CA and using the resulting Certificate on Linux with Apache, Nginx and/or IIS on Windows. The Windows related steps continue on from the work required to get the Certificate ready for Linux. In other words, regardless of
Read moreGet help with Apache, Nginx, Tomcat, Varnish and Load-Balancing Web Servers. AGIX staff have the know-how and experience to help your organisation with best-practices, current technology in various Cloud environments including Amazon AWS. We support popular web engines such as PHP, Python, .net and more.
This page shows examples of our work that AGIX shares freely with you. For a fully supported compute environment, contact our team to find out how we can help your organization move forward in the right way.
Contact our friendly team to get started.
Using Fail2Ban to Protect WordPress Logins (CentOS)
This article demonstrates how to use Fail2Ban to block IP addresses attempting to compromise a WordPress instance via the login process. In this walk-through, we’re using CentOS 7 and FirewallD. Just be aware that if you’re using a caching service like CloudFlare, you can’t use this method because you’ll block
Read moreNmap with Vulscan on CentOS 7 or 8 – A short HowTo
This article shows how to install and run Nmap using the Vulscan add-on to do vulnerability assessments. Download Nmap: yum install nmap Install the Vulscan.nse script: /usr/share/nmap git clone https://github.com/scipag/vulscan vulscan Run a scan targeting the machine (in this example) “192.168.4.250”: nmap -sV –script vulscan/vulscan.nse 192.168.4.250 My output looks like
Read moreNmap with Vulners on CentOS 7 or 8 – A short HowTo
This article shows how to install and run Nmap using the Vulners script to do vulnerability assessments. Download Nmap: yum install nmap Install the Vulners.nse script: /usr/share/nmap wget https://svn.nmap.org/nmap/scripts/vulners.nse Run a scan targetting the machine (in this example) “192.168.4.250”: nmap -sV –script vulners.nse 192.168.4.250 My output looks like this: 22/tcp
Read morepfSense as a Transparent Proxy (http & https TLS)
Getting a transparent proxy up and running can be troublesome especially getting it to terminate the HTTPS (TLS) connection, inspect it (if need be) and re-terminate it. Most businesses these days don’t want to actually inspect the traffic but can’t go without some-kind of internet monitoring so a minimalistic transparent
Read moreInstall and Enable Mod_Security for Apache
This article is a short walk-through demonstrating the process of installing and configuring mod_security on Apache. In this tutorial, we’ll be using CentOS 7. We’re starting with a pre-configured and running web server running httpd listening on port 80 and 443. There’s no other services such as Varnishor Nginx running.
Read moreMinimal Transparent Squid Proxy with SSL Interception/Bumping on CentOS 7
This article is the minimal configuration for a Squid transparent proxy with SSL Interception (or bump). We’re using CentoOS 7. This article is based on the good work at “https://www.sbarjatiya.com/notes_wiki/index.php/Configure_squid-3.3_in_transparent_mode_on_CentOS_7_with_SSL_bump” with a few minor changes/corrections. Disable SELinux or put it in permissive mode. Squid works on odd ports. I will
Read moreEnable CORS With NginX
Like happens so often, the notes and comments you found in forums don’t quiet work how you expected. In this article i demonstrate how to enable CORS on NginX and show you how to test it. You’ll see a working example. There are reasons you can’t do this without modifications
Read moreManage Everything With Ansible
Ansible is a buzz word at the moment. Ever since Redhat purchased Ansible back in 2016, it has been rare to hear about anyone deploying alternative automation systems. Recently Ansible has been commercialized into Ansible Tower allowing a wider audience to take advantage of the benefits of automation. I recently
Read moreNginx & Varnish 4 With HTTPS://
This article explains and gives examples of how to use Varnish 4 to cache in a fully HTTPS environment. This example was created on a CentOS 7 server. Make sure to make SELinux allowances for NginX to listen on port 81. Here are the facts: Nginx is listening on ports
Read more