Web Security

Articles in this category:

SSL Certificate and Nginx management features now built-in to Jetendo CMS Sun, Aug 24, 2014 Implementing SSL is one of the best ways to protect financial data, password and other information in transit over the Internet. It's becoming even more important now as privacy concerns have increased due to government and malicious users spying on... Read More

How to lock down LAMP + Railo on Ubuntu Linux Tue, Apr 08, 2014 My Jetendo Server project covers security for the entire operating system plus specifics for the main web applications (Linux, Apache, Nginx, PHP, MariaDB and Railo) using Ubuntu 12.04 LTS minimal as the base install.   Sta... Read More

Heartbleed Bug In OpenSSL compromised Internet security for nearly everyone? Tue, Apr 08, 2014 It is fairly rare that a security flaw affects the majority of the Internet, yet that is what we're faced with in the case of the Heartbleed OpenSSL Bug. Read more about it here: http://heartbleed.com/ The problem is so serious that I rushed t... Read More

Using scrypt hashing with Coldfusion or Railo Sun, Nov 10, 2013 To aid others in implementing scrypt using Coldfusion or Railo, I wanted to make a quick post to give you the short possible example of how it can be done.   Here is the Java source:  https://github.com/wg/scrypt/   You can find... Read More

Adobe data breach possibly the largest ever Sun, Nov 10, 2013 According to Adobe's official response regarding the recent data breach - possibly the largest in history - a "backup server" admittedly had passwords and credit cards stored with encryption that can be reversed which is a bad practice.   O... Read More

Jetendo CMS login security upgraded - again Sun, Nov 10, 2013 Scrypt now used for login tokens and password hashing Jetendo CMS now has a second option for password hashing integrated with it, which has become the default for all my clients. I'm using the Scrypt java project now: https://github.com/wg/sc... Read More

Stop using sleep mode with Windows Bitlocker for better security. Learn how to use hibernate in Windows 8. Mon, Jul 01, 2013 I just found out that Windows 8 has a hidden "Hibernate" sleep mode which works the same as previous versions of Windows.   There are 2 main benefits to "Hibernate" compared to the regular "Sleep" mode. Benefit #1: Sleep mode continues to use ... Read More

How to lock Windows immediately upon smart card removal Mon, Jul 01, 2013 I was previously unable to get this to work since I didn't know Microsoft Windows has 2 features that must be enabled, and I only enabled one of them.  The follow settings should allow locking your workstation upon removal of the smart card on t... Read More

rel=canoncial - A new way to get hacked and lose your search engine traffic Tue, Jun 11, 2013 A client asked me to insert a zillow canonical meta tag the other day, and apparently it hijacked her site in Google search results.  Her web site became the zillow link's content instead of her site in Google, yet has the same rankings.   ... Read More