Skip to content

Wild Wild Wolf

Developer. Because Superhero is not an official job title.

Menu

Server Administration

nginx: Mitigating the BREACH Vulnerability with Perl and SSI or Addition or Substitution Modules

nginx: Mitigating the BREACH Vulnerability with Perl and SSI or Addition or Substitution Modules

BREACH (Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext) is a security exploit against HTTPS when using HTTP compression. This article shows several ways to deal with BREACH using Length Hiding technique with nginx’s builtin modules.

wwa September 4, 2018September 4, 2018 Server Administration No Comments Read more

How to Import Cloudflare IP List into nginx ACL Automatically

How to Import Cloudflare IP List into nginx ACL Automatically

When using Cloudflare to hide IP address of the origin server (for example, to protect against DoS attacks), it is important to configure ACLs to allow connections to the origin server only from Cloudflare IPs. However, the list of Cloudflare IP ranges is not static, it changes over time. This post describes how to import this list into nginx automatically.

wwa September 3, 2018 Server Administration No Comments Read more

How to Get Maximum Score in SSL Labs Test (nginx)

How to Get Maximum Score in SSL Labs Test (nginx)

This article provides a configuration for nginx that successfully passes SSL Labs tests with A or A+ mark, and 100% score for all metrics (certificate, protocol support, key exchange, cipher strength).

wwa September 2, 2018September 2, 2018 Server Administration No Comments Read more

TLS Configuration for nginx to Get A+ in HTBridge and SSL Labs Tests

TLS Configuration for nginx to Get A+ in HTBridge and SSL Labs Tests

This post presents a TLS configuration for nginx to get A+ score in HTBridge and SSL Labs tests. According to HTBridge, this configuration is compliant with PCI DSS, NIST, and HIPAA guidelines.

wwa September 1, 2018September 2, 2018 Server Administration No Comments Read more

Pitfalls When Upgrading Ubuntu Xenial to Bionic

Pitfalls When Upgrading Ubuntu Xenial to Bionic

The article describes a few pitfalls I encountered when trying to upgrade from Ubuntu 16.04.5 (LTS) to Ubuntu 18.04.1 (LTS) and possible solutions.

wwa August 26, 2018 Server Administration No Comments Read more

Sometimes I Hate systemd

Sometimes I Hate systemd

After upgrade from the latest Ubuntu 16.04 LTS to Ubuntu 18.04.1 LTS, the server refused to reboot. I had to use IPMI to connect to the otherwise unresponsive server and reboot it forcefully. I probably should have used sync; reboot

wwa August 25, 2018August 25, 2018 Server Administration No Comments Read more

CentOS 7: How to Change SSH Port

CentOS 7: How to Change SSH Port

Many times my colleagues have asked me how to change SSH port on CentOS 7, because the way they did it themselves resulted in failures of OpenSSH to start. This happened because of SELinux, and the post explains how to overcome the issue without turning SELinux off.

wwa July 30, 2018October 15, 2018 Server Administration 1 Comment Read more

How to Integrate rkhunter with yum

How to Integrate rkhunter with yum

One of the features of rkhunter in CentOS that I miss is the ability to update rkhunter‘s property database automatically after yum is run (just like in Debian). This post explains how to implement this feature.

wwa July 6, 2018July 7, 2018 Server Administration No Comments Read more

How to Integrate monit with yum

How to Integrate monit with yum

Monit is an utility for managing and monitoring processes, programs, files, directories and filesystems on a Unix system. It is often used to restart daemons on failures and abnormal situation, and sometimes to detect changes into critical files and / or daemon binaries. This article explains how to make yum package manager play nice with monit.

wwa June 9, 2018June 9, 2018 Server Administration No Comments Read more

Bootstrap Alpine Linux LXD Container with Ansible

Bootstrap Alpine Linux LXD Container with Ansible

A recipe to bootstrap an Alpine Linux based LXD container with Ansible.

wwa May 31, 2018May 31, 2018 Server Administration No Comments Read more
  • « Previous
  • Next »

Recent Posts

  • Docker Context Issues in GitHub Actions
  • How to Configure Renovate to Update DevContainer Images
  • Using DevContainer CLI to Build Multi-Platform Images with Embedded Features
  • My First Experience with “Hey Code”
  • GitHub Codespaces and Automatic Port Forwarding

Recent Comments

  • Andrey on How to Sign Tags in GitHub Codespaces
  • wwa on Using DevContainer CLI to Build Multi-Platform Images with Embedded Features
  • Raphael on Using DevContainer CLI to Build Multi-Platform Images with Embedded Features
  • wwa on How to Get the Source of an Uncaught Exception in C++
  • Tom Deblauwe on How to Get the Source of an Uncaught Exception in C++

Archives

  • December 2024
  • February 2024
  • February 2023
  • December 2022
  • September 2022
  • June 2022
  • January 2022
  • December 2021
  • October 2021
  • September 2021
  • August 2021
  • June 2021
  • May 2021
  • January 2021
  • December 2020
  • July 2020
  • June 2020
  • May 2020
  • February 2020
  • December 2019
  • November 2019
  • October 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • March 2019
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018

Categories

  • DevOps
  • NodeJS
  • Random Thoughts
  • Server Administration
  • Uncategorized
  • WordPress
Copyright © 2025 Wild Wild Wolf. All rights reserved. Theme Spacious by ThemeGrill. Powered by: WordPress.