SSL Certificate and Nginx management features now built-in to Jetendo CMS
Sun, Aug 24, 2014
Implementing SSL is one of the best ways to protect financial data, password and other information in transit over the Internet.
It's becoming even more important now as privacy concerns have increased due to government and malicious users spying on... Read More
How to lock down LAMP + Railo on Ubuntu Linux
Tue, Apr 08, 2014
My Jetendo Server project covers security for the entire operating system plus specifics for the main web applications (Linux, Apache, Nginx, PHP, MariaDB and Railo) using Ubuntu 12.04 LTS minimal as the base install.
Sta... Read More
Heartbleed Bug In OpenSSL compromised Internet security for nearly everyone?
Tue, Apr 08, 2014
It is fairly rare that a security flaw affects the majority of the Internet, yet that is what we're faced with in the case of the Heartbleed OpenSSL Bug.
Read more about it here: http://heartbleed.com/
The problem is so serious that I rushed t... Read More
Using scrypt hashing with Coldfusion or Railo
Sun, Nov 10, 2013
To aid others in implementing scrypt using Coldfusion or Railo, I wanted to make a quick post to give you the short possible example of how it can be done.
Here is the Java source:
https://github.com/wg/scrypt/
You can find... Read More
Adobe data breach possibly the largest ever
Sun, Nov 10, 2013
According to Adobe's official response regarding the recent data breach - possibly the largest in history - a "backup server" admittedly had passwords and credit cards stored with encryption that can be reversed which is a bad practice. O... Read More
Jetendo CMS login security upgraded - again
Sun, Nov 10, 2013
Scrypt now used for login tokens and password hashing
Jetendo CMS now has a second option for password hashing integrated with it, which has become the default for all my clients.
I'm using the Scrypt java project now: https://github.com/wg/sc... Read More
How to lock Windows immediately upon smart card removal
Mon, Jul 01, 2013
I was previously unable to get this to work since I didn't know Microsoft Windows has 2 features that must be enabled, and I only enabled one of them. The follow settings should allow locking your workstation upon removal of the smart card on t... Read More
rel=canoncial - A new way to get hacked and lose your search engine traffic
Tue, Jun 11, 2013
A client asked me to insert a zillow canonical meta tag the other day, and apparently it hijacked her site in Google search results. Her web site became the zillow link's content instead of her site in Google, yet has the same rankings. ... Read More