Collaborate Disseminate
I want to integrate ModSecurity into the WAF to ensure I’m protected with OWASP Top 10 security mitigations. I’d appreciate your guidance if there are any specific configurations you recommend for enhanced security.
Continue reading How to include the coreruleset rules in OPNsense firewall WAF (Nginx)
I have to build a web application firewall from scratch but most of resources available are either WAF marketing or too complex to understand . My goal is to understand deeply on web application firewall through this project as how WAF can… Continue reading How to develop a WAF ( Web application firewall ) from scratch ? and what are the tech stacks required? [closed]
On my machine, I have had the Bitdefender firewall and the default Windows firewall running for some time. In the past, I have set rules and exceptions such as to block ads on certain applications. Additionally, I have recently acquired a… Continue reading Multiple firewalls running on the same machine
I have a public-facing SFTP instance. When applying the whitelist/allow-list of IP addresses that are allowed to connect to this instance, should I enforce the list on the network/firewall level, the application level, or both?
Continue reading Whitelist at network level, application level, or both?
Is it possible that Anti-Cybercrime Police catch and track DDOS black service buyer?
My IP is being attacked for years (DDOS) from IPs and IP ranges from hundreds of different IPs.
The story is:
I have a neighbor, he is an IT professional…. Continue reading Is it possible that Anti-Cybercrime Police catch and track DDOS black service buyer? [closed]
I have setup installed mod security module for apache in ubuntu 22.04, using.
sudo apt-get install libapache2-mod-security2
sudo a2enmod security2
sudo systemctl restart apache2
This installs security module version 2.9.5 with core rule s… Continue reading How to enable ModSecurity to actually block/deny malicious requests? [migrated]
On my fresh Hetzner Cloud server, the ufw seems to be ineffective. The status output is the following:
Status: active
To Action From
— —— —-
OpenSSH ALLOW… Continue reading UFW does not block any ports (Ubuntu 22.04) [migrated]
I was looking through my Mac’s security settings when I came a across the option to turn on Mac’s built-in firewall, which Apple claims will do the following:
Block all incoming connections, regardless of app.
Automatically allow built-in… Continue reading How reliable is the onboard firewall on Mac? [closed]
I apologise in advance for this question being very sparse in details and sounding rather hypothetical, reasons for this are hopefully explained below. I am not a security expert, but I am in a managerial position and find myself now argui… Continue reading Our server in a our client’s network – What possible attacks are there?
We have a domain, erbaharlab.com, which we have bought for our research group.
www.erbaharlab.com contains our research group website, nanospacejm2.erbaharlab.com contains a conference website and there might be other conference subdomains… Continue reading SSL certificates and firewall blacklists