Latest stories

How to fix logrotate not working problem?

If your app is appending errors and website visitors’ IP addresses, browser data, etc. to a log file, you should manually archive old log files or use Logrotate. If you don’t do so, the server will run out of storage memory and your application may crash. Logrotate is a powerful program that archives and removes old log files. It saves heaps of storage memory by automatically...

HTTP to HTTPS migration: Important thing you should know

According to Google, HTTPS is a ranking signal. If you make your website secure by configuring the web server to deliver HTTPS pages, your site may rank higher than an HTTP-only portal. More importantly, web browsers have begun to warn their users of non-secure web pages. The Google Chrome browser (version 56) marks non-HTTPS website pages as insecure when they have an HTML field for...

How to set preferred domain correctly in Google Search Console

Setting a preferred domain is one of the most important things to do after launching a new site. It takes a few seconds to set a PD. Before setting a preferred domain, you should make sure that Google indexes only the URLs which you want to appear in search results. To do so, you must set up a 301 redirect. A 301 redirect will prevent duplicate content issues. It will tell search engines that they...

Fix No space left on device error while reading upstream in Nginx

Nginx is one of the world’s most powerful web servers. It has a robust caching system which eliminates the need for optimizing websites with third-party caching solutions. While managing your website, you may come across the strange error called No Space Left on Device while reading upstream. You won’t know that Nginx is throwing the “No Space Left error” until you check...

DNS Rebinding and Intrusion Detection with Contextual Signatures

This article summarizes and analyzes discussion from two different articles on the subjects of DNS Rebinding and the use of contextual signatures with Intrusion Detection Systems. DNS Rebinding is a type of attack that was first documented in the mid 1990s. Since then it has become more prevalent through vulnerabilities inherent in the way information is transmitted to and from a typical web browser...

Search traffic dropped after switching to HTTPS? Try these solutions

The HTTPS protocol makes your website secure. Google had declared HTTPS as a ranking signal last year, which means that secure sites can have higher organic visibility than nonsecure websites. If your site is selling products online, you’ll see a boost in conversion because the browsers will mark your website as safe. Before you go ahead and enable HTTPS on your website, you must learn the...

Mitigating DoS or Distributed DoS (DDoS) attacks

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks have continued to prove to be one of the most challenging threats in modern times. While DoS has been around for some time, the methods used and practices of distributed botnets and automated scripts have continued to grow in sophistication. This paper surveys three peer-reviewed papers in the areas of Denial of Service...

Common Bluetooth Vulnerabilities to be Aware of

Bluetooth connectivity has grown immensely in popularity with mobile devices in the last number of years. The convenience factor of being able to have a hands-free experience with a mobile phone while driving or out and about has fueled this growth. Unfortunately, like all conveniences, there are typically downsides. In the case of Bluetooth, there have been a number of vulnerabilities detected...

Mobile Considerations in Network Security Architecture

The use of mobile devices, including policies and employee restrictions, should be considered in any modern network security architecture. Mobile devices are used commonly both at home and at work, with some organizations managing BYOD (Bring Your Own Device) policies. It is therefore important to consider the implications of this and to ensure any BYOD device is properly locked down, authorized and...

What are Covert Channels?

A covert storage channel occurs when illegitimate hidden information or data is sent secretly via a legitimate communication channel. The process occurs through the manipulation of a communications medium in an unconventional way in order to transmit data that is unseen in everyday operations (Thyer, 2008). An example of a covert storage channel involves the hiding of data in ICMP error echoing...

Modern Application Frameworks, Legacy Browsers and Security Implications

I was recently sent an article titled ‘How it feels to learn JavaScript in 2016’ (Aguinaga, 2016). It is a somewhat amusing take on the current state of JavaScript frameworks and libraries available to web developers and how this environment is changing so quickly. All quirks aside, modern application frameworks provide us with much interactivity and web functionality we take for...

Top 7 Best web hosting services for 2018

Web hosting is the backbone of a website. It is crucial to the success of a blogger, business, and the website. A poor web hosting firm will have big downtimes. Because of poor infrastructure, the network latency will be high and your site will rank below faster websites in the search engines. Web hosting services are of three types, shared, VPS, dedicated, and cloud. The shared hosting plans are...

Two Common Router Security Threats

Syn Flood or Denial of Service Attack: Syn Flood attacks, often referred to as Denial of Service Attacks, are caused through exploitation of the TCP protocol. The attacker sends a large number of TCP/SYN packets using a forged address. Because of this, the destination server is unable to successfully establish a proper connection due to the source being unreachable (Lawrence, n.d.). Each time the...

What are Rogue Access Points?

WiFi is commonly used both within organizations and in the general public. In recent years attackers have discovered ways to lure victims by using rogue access points. These are essentially wireless access points that have been installed in a network without authorization. In some cases these may have been installed by employees of an organization for convenience reasons, however this in itself...

Using jQuery.AJAX() to Retrieve Sample JSON Data

Traditionally the X in AJAX has usually stood for XML (eXtensible Markup Language). In recent years, JSON (JavaScript Object Notation) has taken over in many cases due to its overall efficiency and ease of use. In general, JSON is a much less verbose syntax, which has gained a lot of popularity in modern JavaScript frameworks. Part of this popularity can be attributed to the fact that JSON data can...

Installing Wireshark on Mac OS X (Yosemite)

Wireshark is a software application for protocol and network traffic analysis, also known as a network sniffer. The application can be downloaded for free at . I downloaded Wireshark from the url and selected the macOS 10.6 .dmg file. I was able to successfully mount the download image and run the package installer which kept all the default settings with the following installed in my system:...

TCP Congestion Control

So it’s that time of year again where I decided to enroll in another Cybersecurity class at UMUC. I will be posting snippets from the class over the next few weeks. This week TCP Congestion Control was one of the topics I was looking at and so this post will serve as a high level overview. TCP Congestion Control is the process of monitoring and controlling network traffic in order to avoid...

Analyzing Nginx and Apache access log and error log files

A log file generated by a web/database server is one of the most important files. It contains useful information on visitors, errors, warnings, etc. Some people think of log files as a server resource killer. Hence, they disable them in the Apache, DB or NGINX configuration file. One more reason why people disable or ignore server logs is that the content of logs is difficult to understand. Hence, most...

Best Atom packages for web development (2018)

The black background of the text editor soothes my eyes. The text color is great and the interface of the Atom editor is awesome. If you don’t like the default Look and Feels, you are free to change it as per your preference or download a new Atom theme. My favorite color is black so I don’t find it necessary to change the theme. The atom editor gets updates on a regular basis...

About Author

Ian Carnaghan

I am a software developer and online educator who likes to keep up with all the latest in technology. I also manage cloud infrastructure, continuous monitoring, DevOps processes, security, and continuous integration and deployment.