My postfix server is getting DOSed, what can I do?
Port 25 is open and I’m getting thousands of emails. How can I make it stop?
Continue reading My postfix server is getting DOSed, what can I do?
Author Archives: evening
Where to store an important private key?
I run LEMP stack on Ubuntu 18.04. I need to sign / verify transactions for Ethereum real-time. Where can I store the private key for it? Is storing it in .env good enough? It just seems super dangerous but I can’t think of a way of me losi… Continue reading Where to store an important private key?
How many IP addresses can a user have?
If you don’t have a botnet and you needed to use an application with a new IP address on each page load, how would you achieve that? How many different IP addresses can a person have? What does it depend on?
How to protect against a user using many different IP addresses and creating many accounts?
Is it even possible? I have an application that is susceptible of a same person creating many different accounts on different IP addresses. How to fight against this the best? Using 2-step verification like SMS? Any other ways?
Best strategy to share some sensitive user data between Node and PHP
I am creating a website that is built on PHP. It has a small page where users can have a group chat and message each other. For that page I open a websocket with a help of socket.io and expressjs. I want to use usernames that… Continue reading Best strategy to share some sensitive user data between Node and PHP
Is there a point to set up passwords for services like MySQL, Redis etc. if we disable their related ports?
Redis’ default port is 6379 and MySQL’s default port is 3306. Let’s say we disable these ports to outside of the world with ufw. And let’s say only I have access to the servers. Is there still a point to set up passwords for … Continue reading Is there a point to set up passwords for services like MySQL, Redis etc. if we disable their related ports?
Should you use VPN if the website uses HTTPS?
If I visit the website which uses https, is there a point using an VPN? In places like coffee shop where internet is not secure. Because I think https already encrypts data?
Continue reading Should you use VPN if the website uses HTTPS?
How can we trust PKI, for example, Verisign?
We want to send an encrypted message to Alice. We can ask her a public key over the network, encrypt with it a message and send that message back. It is bad, because someone can pretend to be Alice and send their public key. … Continue reading How can we trust PKI, for example, Verisign?