Search
You can find the results of your search below.
Matching pagenames:
Fulltext results:
- Docker nginx / php notes @docker_notes
- ; php.ini-production contains settings which hold security, performance and ; best practices at its core. Bu... ings may break ; compatibility with older or less security conscience applications. We ; recommending using ... ts signature to the Web server header). It is no security ; threat in any way, but it makes it possible to ... b server (other than IIS) ; see documentation for security issues. The alternate is to use the ; cgi.force_
- turn server @docker_notes
- tion of the local IP addresses provide additional security. This was not the primary purpose of NAT and is ... ary benefit. I believe that NAT provides minimal security benefits. The key security is the firewall setup which does not allow unsolicited access to the local area ... Loopback bypass https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p #denied-peer-ip=0.
- Web Server setup @home_server
- abled==== A forwarding proxy with its associated security risks is not required. These ProxyRequests direct... hared/www/html #Some optimisation and security directives (requires mod_headers enabled) Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains;" Head... / </Location> #Some optimisation and security directives Header always set Strict-Transpo
- Rsync @home_server:home_server_setup:other_services
- un as root, # and at the same time, eliminate any security risks. # Location of the Log file LOG="/home/bac... without being being prompted for a password. For security reasons, we what only the these tools to have ''s... calling rsync. This all required to maintain the security of the remote systems, and was discussed in the t... failed" exit 1 fi </code> =====Increased Security===== The final step is to lock all this down. To
- Nextcloud Container @docker_notes
- oud 29 I finally got rid of all my administration security and setup page warnings and errors. This included... te-empty-templates Update empty template files security security:bruteforce:attempts resets bruteforce attempts for given IP address security:bruteforce:reset resets bruteforce a
- Router Configuration, Switch & Server Setup @linux_router
- ffic) This is primary firewall action and primary security action! This is often confused with NAT, NAT is a... ess(es). This obfuscation arguably provides some security. The key security is the restriction of gateway traffic into the LAN. See interesting notes on this from [[https://www.grc.com/nat/nat.htm|GRC NAT Router Security Solutions]], note that I do not necessarily agree
- Basic Netfilter Function Block Diagram @linux_router
- order to opt-out of connection tracking. ===The Security Table=== The ''security'' table is used to set internal SELinux security context marks on packets, which will affect how SELinux or other systems that can interpret SELinux security contexts handle the packets. These marks can be a
- Wireguard VPN access from WAN to LAN @linux_router
- l|OpenVPN FAQ]] * [[https://www.linode.com/docs/security/firewalls/control-network-traffic-with-iptables/#... ng=== Wireguard is not chatty, this actually is a security feature. It is important that the setup informat... ''sudo sysctl -p /etc/sysctl.conf'' Create some security keys: <code> sudo su cd /etc/wireguard umask 077 ... arly the private key needs to be kept private for security reasons. Also no need to unnecessarily flash aro
- Reverse Proxy Server - Traefik @docker_notes
- sts/crowdsec-traefik/|Open Source & Collaborative Security with CrowdSec and Traefik - CrowdSec & Traefik Tu... Sec Docker Part 3: Traefik Bouncer for Additional Security] *[[https://www.smarthomebeginner.com/crowdse... [https://www.smarthomebeginner.com/traefik-docker-security-best-practices/|20 Docker Security Best Practices – Hardening Traefik Docker Stack]] Crowdsec Bouncer Traef
- dokuwiki setup notes @home_server
- ared/www/dokuwiki #Some optimisation and security directives Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains;" He... .1.9/ </Location> #Some optimisation and security directives Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains;" Header
- Router Miscellaneous @linux_router
- bles as the router/fire software. ====Docker Host Security==== Docker currently by default use iptables on ... address space in IPv4. IPv4 NAT also provide some security benefits by obscuring the private LAN addresses f... cumentation/en-us/red_hat_enterprise_linux/4/html/security_guide/ch-ports|Appendix C. Common Ports]] * [[h... arch [[https://www.grc.com/nat/nat.htm|NAT Router Security Solutions]] and [[https://www.grc.com/nat/nats.ht
- samba @home_server:home_server_setup:other_services
- services smb use it as default.\\ My main form of security it to limit external access to my lan, hence samba security is low. More focused on easy use.\\ ====samba bas... ly = yes # File creation mask is set to 0700 for security reasons. If you want to # create files with group... 700 # Directory creation mask is set to 0700 for security reasons. If you want to # create dirs. with group
- Docker - DNS Server @docker_notes
- d do not rerun invalid IP address, which would be security risk. If ''%%dig @192.168.1.14 www.dnssec-failed... [https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions|Domain Name System Security Extensions]] *[[https://bind9.readthedocs.io/en/latest/dnssec-guid
- Docker mailserver @docker_notes
- should get a new password if possible to increase security. | |quota |The number of bytes that this mailbox ... mentRoot /var/www/local #Some optimisation and security directives Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains;" Header se
- KPTree Torrent VM Setup @home_server
- not want to keep a mailing list to protect client security. ===Sample /etc/openvpn/btguard.conf:=== <file> c... .com/ubuntu/ bionic-updates universe deb http://security.ubuntu.com/ubuntu bionic-security universe </file> ++++ ====Sample NFTables configuration script for Privat