Vulnerability scanners are useful tools for administrators and security analysts alike. For the casual WordPress user tools like WPScan may look excessive and complicated for their knowledge, they just need their blog, web page, whatever they’re doing up and running. Any complex administration bothers them to the max, and there are good and valid reasons […]

How to find vulnerabilities in your WordPress with WPScan

How to import iocage jails to Bastille on FreeBSD 13
Being a fan and heavy user of FreeBSD jails, I’ve been using iocage for years now. However, iocage is not the only tool capable of making abstractions on top of the jail infrastructure in FreeBSD to make it easier to manage in a not just easier way, but quicker, centralized manner. Bastille is the other […]

How to format an USB drive on FreeBSD
File system support on FreeBSD falls onto UFS (UNIX File System) or originally named the FFS (Fast File System and on ZFS (Zetabyte File System). If you are using your box as a desktop-workstation you will use USB drives to share files with other systems, to carry things on your pocket or safe the day […]

How to enable TLS traffic from the origin server on Cloudflare Argo Tunnel
As it can be read in the last post, setting up a Cloudflare Argo Tunnel to serve web content from home or corporate network without poking holes to it, is quite easy to achieve. In this article I’ll show you how to enable TLS traffic from the origin server on Cloudflare Argo Tunnel. Obviously, you […]

How to export a MySQL database.
You are your website editor, owner and now administrator. You want control over the whole process and you are migrating from a managed site. Or you are a versed user on unix-like environments and you are just willing to export your database. This is a simple post on how to export a MySQL database. If […]

How to work with Nessus scan results
Working with Nessus scan results is easy. How do I know that? Because I’ve worked with this tool for some time and although I do not know every corner of the things I’ve been doing some scans and solving quite a few deffects on systems that were labeled as ‘production ready’ when they clearly weren’t. […]

Nmap cheatsheet
Nmap is a discovery tool used in security circles but very useful for network administrators or sysadmins. One can get information about operating systems, open ports, running apps with quite good accuracy. It can even be used in substitution to vulnerability scanners such as Nessus or OpenVAS for not very large environments, or quick audits. […]

How to mitigate Spectre and Meltdown on an HP Proliant server with Ubuntu
As recently announced in a previous article I wanted to write a couple of guides on how to mitigate Spectre and Meltdown vulnerabilities in GNU/Linux and UNIX environments. It is always a good and I hope a standard practice to have your systems patched and if they aren’t for whatever the reason (that legacy thing […]
Contact
I am a busy guy. Answering comments takes precious time from my daily life so don’t get mad if I don’t reply you back quickly or if I just don’t do. Plus, think twice before posting. If you really have something interesting to say, just go ahead. If that is something you really think I’d […]

How to configure Modsecurity 3 for WordPress on FreeBSD
A few weeks ago I wrote a guide on how to install Modsecurity 3 on Apache HTTP for the FreeBSD operating system. However there’s a catch with that setting and with Modsecurity in general. As good as it is as a WAF you need to at least adjust its configuration to the tool one pretends […]
