security | shocksolution.com

How to use SSL/TLS certificates on a Netgear M4200/4300 switch

If you operate a Netgear switch in an environment that is subject to compliance requirements such as PCI or HIPAA, you are probably doing vulnerability scans, and the HTTP management interface of your switches will generate medium vulnerabilities (at least from Nessus): SSL Self-Signed Certificate SSL Certificate Cannot Be Trusted SSL Certificate Expiry It IS […]

How to use SSL/TLS certificates on a Netgear M4200/4300 switch Read More »

Another Reason to Enable Private IP Addresses on Google Cloud SQL

Enterprise IT, Google Cloud Platform, Google Compute Engine, Web Applications / craig

Google Cloud SQL recently introduced the capability for an instance to have an IP address within the private address space of your VPC network. Previously, all Cloud SQL instances had IP addresses within the address space of the public Internet. Obviously, the public IP was a security and privacy concern, as well as a potential

Another Reason to Enable Private IP Addresses on Google Cloud SQL Read More »

Updating to WordPress 5 on a Linux Host: Requesting FTP Credentials

Linux, Web Applications / craig

WordPress 5 didn’t install automatically on sites hosted on my CentOS 7 WordPress hosting server. That’s by design, because I’m selfish and I’d rather wait for a few bug-fix releases before making a major upgrade. When I chose to upgrade manually on a test site, WordPress asked for my FTP credentials: If you’re hosting WordPress

Updating to WordPress 5 on a Linux Host: Requesting FTP Credentials Read More »

Optimize the Wordfence Firewall: Needs FTP Credentials

Linux, Web design / craig

I use Wordfence as a WordPress security solution. Even the free version has a comprehensive set of features, and the premium version is even better. It’s very easy to install and configure Wordfence as a regular plugin. However, the step to “Optimize the Wordfence firewall” fails for many people. This is not the fault of

Optimize the Wordfence Firewall: Needs FTP Credentials Read More »

Protecting a RESTful JSON API from a CSRF attack

Enterprise IT / craig

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated” (OWASP definition) CSRF is related to Cross-Site Scripting (XSS), but does not require the execution of Javascript or any other front-end code. In fact, APIs are increasingly vulnerable to CSRF

Protecting a RESTful JSON API from a CSRF attack Read More »

Upgrade Ubiquiti UniFi Access Points (WAP) now to avoid KrackAttack

Enterprise IT / craig

On October 15, 2017, security researcher Mathy Vanhoef announced the discovery of KrackAttacks, a serious flaw in the WPA2 encryption protocol that encrypts most WiFi connections. Using this method, an attacker can decrypt traffic from almost any wireless access point (WAP) and clients. Every WiFi access point will need to be upgraded with patch that prevents

Upgrade Ubiquiti UniFi Access Points (WAP) now to avoid KrackAttack Read More »