Elephant Proofing Your Web Servers

750 words, 3 minutes. The Case For Default Deny: What’s free, permanently reduces your exposure to a range of potential vulnerabilities, requires no maintenance, and takes only a few minutes to implement? Most web servers are installed to serve content to unauthenticated users on the Internet. Most only have a finite list of URLs or a specific number of web apps. I’ve always thought it strange that they install in a default-permit mode.

Arrival

1200 words, 4 1/2 minutes. Welcome to the first post of my blog. Here I explain the why, what, and how of everything else you will see on this site. If you want to know more about the who, then read this. Most of my professional life involves winning systems or processes I’ve already established, monitoring progress or performance against targets, solving recognised problems. Here is where I introduce a few new ideas in a less formal environment, and explore them with you in an atmosphere of constructive discussion so that we might test them and learn something.

The Stack

360 words, about 1 minute. The site is built and maintained by me using Hugo, a static site generator written in Go. It’s running on a FreeBSD nginx web server. By the time you read this, nginx will probably be inside a jail. The theme is a port of Ghost/Casper. My criteria were low maintenance, good security, performance, and simplicity. The content is all written in Markdown in a text editor, Hugo’d, and uploaded to the server using rsync/ssh.