We have our private key file named private.key and server certificate received from your certificate authority named here ServerCertificate.cer Step 1: for windows we need to generate the pfx file so with openSSL: openssl pkcs12 -export -out certificate.pfx -inkey private.key … Continue reading →

To protect agains the poodle attack you need to check your browser. If you own a website/server you can also help protect others by removing support for SSLv3 and enabling forward secrecy. Firstly disable SSLv3 or bellow in your browser. … Continue reading →

Note: draft article (not beer) Headaches like having your email account hijacked I see more and more often now automatic brute force attacks over a server like mail. This attacks are getting from hundreds and hundreds of ips at once … Continue reading →

In order to list all incoming requests to get a hang of what’s happening with your server in real time you can use the command bellow. Make sure you have enabled mod_security audit. Because I use whm/cpanel this was possible … Continue reading →

I needed to help a friend to clean all his files from an eval type attack so I used the code bellow to clean all his files. In $str var I put the virus code that was injected (in my … Continue reading →

This is a short post to share my favorite way of generating strong passwords in php. The advantage over other functions you’ll find over the internet is that it makes sure it uses all the character sets also making sure … Continue reading →

more and more people, including some of my clients get attack by various versions of iframe injections. One of them, includes injecting a php file inside the host. after that, by various means, in all the htaccess files it’s injected … Continue reading →

source: OWASP News