I am worried that my Memcached server used for DDoS amplification attacks. How do I secure Memcached server on Linux or Unix-like system to avoid an attacker to exploit my Memcached services as an amplification vector, causing unexpected volumes of traffic to be sent to targeted networks?
Continue reading “Secure memcached server to avoid DDoS amplification attacks”
A very serious security problem has been found in the Intel/AMD/ARM CPUs. Spectre CPU Vulnerability CVE-2017-5753/CVE-2017-5715 breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre. How do I protect my Linux server and laptop/desktop against such attack?
A very serious security problem has been found in the Intel CPUs. Meltdown CPU Vulnerability CVE-2017-5754 breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system. How do I protect my Linux server and laptop/desktop against such attack?
I am using PHP 5.6.xx and Nginx server on an Apline Linux server. I want to hide ‘X-Powered-By: PHP/5.6.32’ HTTP header. How can I hide PHP version when using Nginx along with PHP-fpm5 or PHP-fpm7?