Security

How to secure Nginx web server

Nam Huy Linux is using Nginx because Nginx is a great lightweight and high performace web server/reverse proxy server. Nginx is the second most popular webserver just after Apache web server, there are many popular sites using Nginx like Wikipedia, Sina, Weibo, Yahoo, Reddit, Tumblr, Worpress… Nginx can easily handle thousands …

Read More »

How to secure Apache HTTP Web Server

Apache HTTP Server is an open source web server developed by a community of developers and users, supported by non-profit corporation Apache Software Foundation. Apache web server is often placed at the edge of the server to serve httpd traffic hence it’s the most vulnerable service to an attack. Even …

Read More »

How to install fail2ban on CentOS 6 and 7

I will show you how to install fail2ban on centos 6 and centos 7 to protect SSH brute force attacks. There are many ways to protect SSH server, the best way is to use ssh-keys authentication rather than regular password authentication. I have also written a long detailed article How to install, config …

Read More »

How to remove PHP X-Powered-By & Nginx Version

While I’m auditing my website’s security with curl command to view HTTP Response Header. I see that nginx gives out quite some server’s info which should be hidden for security reason. You can view your HTTP Response Header with curl command $ curl -I http://domain.com/ This is the output from …

Read More »

Virus and Malware vs Linux

Do you really need An Anti Virus and/or Anti Malware for Linux? In my opinion no you don’t need them if you know what are you doing and you deeply understand how Linux works. In the real world there are virus that targeted at Linux, you should heard that Mac …

Read More »

Configure WordPress to use SMTP

Most hosting companies supports PHP mail() function since it’s one of the standard way to send mail. If your hosting provider set it up correctly, it’s very stable and secure,but some companies do not support PHP mail() for their security reasons. In that case there is another option for you …

Read More »

SSH login without password

We use SSH or Secure Shell to make connection between computers to execute commands. Username and password authentication is normally used to establish connection. With a good strong password, it’s secure enough to use SSH since everything is encrypted through SSH. In this article I’m going to show you how …

Read More »

How to secure wordpress website

As you all know Nam Huy Linux Blog uses wordpress, and many popular websites like The New York Times, CNN, Forbes, boingboing, Ebay…. also uses wordpress. WordPress is an open source personal or professional blogging tool, Content Management System (CMS). WordPress requires PHP 5.2.4 or greater and MySQL 5.0 or …

Read More »