Fail2ban works by filtering a log file with a regular expression triggering a ban action if the condition is met. After a preset time, it will trigger an unban action. Without much effort, we can have WordPress log all authentication events and have fail2ban react on them.Continue reading “Using fail2ban to block WordPress login attacks”
Category Archives: Server
Using fail2ban from behind a Rackspace Cloud LoadBalancer
If your fail2ban is on a host behind a Rackspace Cloud LoadBalancer, you’ll want to block the offending IP addresses directly in your LoadBalancer. If your LB is acting as a reverse proxy, you’ll HAVE to block in the LB, but it is also nice to protect all other nodes behind the LB and offload the lifting.Continue reading “Using fail2ban from behind a Rackspace Cloud LoadBalancer”
Running HHVM instead of PHP with Nginx on Ubuntu
Since version 3.9, WordPress have been 100% compatible with HHVM and I have begun replacing PHP with it on a few of my servers to experiment.Continue reading “Running HHVM instead of PHP with Nginx on Ubuntu”
Optimizing HTTPS on Nginx
Now that you have secured Nginx with HTTPS and enabled SPDY enabled HTTP/2, it’s time to improve both the security and the performance of the server.Continue reading “Optimizing HTTPS on Nginx”
Enabling SPDY with Nginx
SPDY is this new, cool, fast protocol created by Google that “replaces” HTTP (the first draft of HTTP 2.0 is using SPDY as the working base). It is supported in all the major browsers – yes, even Internet Explorer – with the exception of Apple’s Safari.Continue reading “Enabling SPDY with Nginx”
Securing Nginx with HTTPS
Adding a certificate and using the HTTPS protocol is a good improvement to the security in the communication between the browser and the server, and should be in place on all sites that have a user login. Contrary to what many (older) guides say, it doesn’t add much load on your server and is fairy easy and cheap to set up right.Continue reading “Securing Nginx with HTTPS”
Install latest version of Nginx on Ubuntu
I always run the latest LTS version of Ubuntu on all my servers. Unfortunately, the Nginx versions tend to be quite the bit behind the current release. So how do you get an updated, current version of without resorting to having to maintain the packages yourself? Luckily, the Nginx team have their own Ubuntu apt repository so it’s easy to keep current with the latest version of Nginx.Continue reading “Install latest version of Nginx on Ubuntu”
Install latest version of PHP on Ubuntu
I always run the latest LTS version of Ubuntu on all my servers. Currently the latest LTS is 14.04 which comes with PHP version 5.5, but as of November 2014, the latest stable version is 5.6. So how do you get an updated, current version of PHP without resorting to having to maintain the packages yourself? The answer is in PPA.Continue reading “Install latest version of PHP on Ubuntu”
Setting up your own PPTP VPN
When it comes to VPNs, there is the choice between PPTP and OpenVPN. PPTP is pretty quick to setup and works out of the box with most (all?) OSes and devices.
Get your Ubuntu VPS up and running
These are the first steps you should perform on your shiny, brand new VPS to set out on a safe journey on the internets. You don’t actually have to understand each of the steps here, but this post is intented for people who have some clue of what they’re doing. If there is such a thing as a «VPSes for dummies», it should not be read. VPSes are not intended for dummies.