Collaborate Disseminate
I am new to SSL configuration.
I bought 3 yrs SSL from domain.com for nginx conf and downloaded the given certs, I found there were 4 files:
maydomain.com.crt
SSL_DV_CertificateAuthorityRoot.crt
SSL_DV_IntermediateCA_2.crt
SSL_DV_Intermed… Continue reading I bought SSL from domain privider but no privkey found how to generate privkey [closed]
I am setting up a nginx proxy. It requires to use HSM for TLS offloading. So I configure nginx that enables ssl_engine pkcs11;; instead of indicating ssl_certificate_key file path, I use pkcs11 URI to point to the private key in HSM. It is… Continue reading How nginx proxy to communicate with remote softHSM for offloading?
I would like to extract the session key, master key and premaster key in TLS connection. In my case nginx plays TLS termination. So I want to see those key in nginx side. Here is my nginx.conf
user nginx;
worker_processes 1;
env SSLKEYLO… Continue reading How to retrieve TLS shared key in SSLKEYLOGFILE?
I received this Logwatch report:
Connection attempts using mod_proxy:
xx.xx.xxx.xx -> codeforces.com:443: 1 Time(s)
A total of 2 possible successful probes were detected (the following URLs
contain strings that match one or mor… Continue reading Can anyone provide any advice on this Logwatch analysis?
I have installed a Nginx WAF with Modsecurity CRS. This WAF protects a backend WordPress.
One request from one of the plugins generated a false positive on the Modsecurity with the rule id 933120.
I identified it in the audit log, studied … Continue reading How do I unblock a request uri in Modsecurity CRS?
The number of macOS vulnerabilities exploited in 2023 increased by more than 30%. Three of the other vulnerability trends in this report relate to Microsoft. Continue reading Apple Operating Systems are Being Targeted by Threat Actors, Plus 4 More Vulnerability Trends
I’m building a DDoS mitigation tool, and understanding how these attacks work and bypass each mitigation technique is crucial. I ran performance tests on Gunicorn, along with NGINX and HAProxy in front of it.
Question: Can anyone explain h… Continue reading Understanding How NGINX and HAProxy Improve Response Times (DDoS Testing) [closed]
My nginx backend server supports the following ciphers:
ssl_ciphers "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-… Continue reading Automatically check if a certificate matches specific ciphers
I’m new to modsecurity topic so maybe my question is stupid but…
I have setup modsecurity on my new nginx/1.24.0 server with default set of recommended rules: coreruleset-3.3.0 and since then my POST XHR request is being blocked.
This is… Continue reading Modsecurity blocks blocks my legit XHR POST request (403 forbidden)
Consider clientA which wants to verify payments and serverB which verifies payments.
ClientA sends around a million requests to serverB’s API in 1 day.
However, only 1% of the requests from clientA succeed and give a 200 response. The rest… Continue reading How do you verify if a request is from a genuine user or from a malicious user?