When setting up a new Apache server to run your application, it’s always a good idea to setup some initial security settings as part of the process. Luckily, Apache comes with a default security.conf file that can be enabled and updated to add basic hardening to your server.
But did you know that you can configure cPanel, and specifically cPHulk Brute Force Protection to automatically report abusive IPs to the IPAbuse database.
In a recent project, I’ve been liaising with web security experts to carry out security testing on a number of client servers. During my research, I’ve come across various free tools that can help you identify any potential issues.
Due to popular demand, I have upgraded my initial LFD reporting script to use the IP Abuse DB v2 APIs. This post covers the new script and how it can be used. Please read my previous post to understand the background of the script.
When developing a new library in PHP, it’s sometimes useful to symlink the library into a project while you work on it. Find out how to update your Composer config to achieve this.
I created a PHP script that would allow the CSF / LFD firewall plugin on my server to report IPs that brute-force logins or port scan my server to the AbuseIPDB website. This tutorial shows how I achieved this.
The Cage Cricket application is my first cross-platform mobile application built using Trigger.io and Parse, and works on iOS and Android.
For Halloween, I helped wonga.com reskin an old app they had originally developed with a third-party agency. The app used Adobe Flash as the main user interface, with a PHP / MySQL backend.