Nginx force SSL and non-www

Originally I started out with Apache and Nginx was getting used to. Now I can’t imagine working without it anymore. It’s awesome and feels blazing fast. The syntax for me had a learning curve and some stuff just felt a bit off. But then there is some pretty good documentation and sometimes you just need…

Continue Reading

CSF / LFD regular expressions

In my last post I talked about two additions on my existing CSF / LFD configurations. The first one was a more transparent approach to the login failure deamon. The second one is regular expressions to stop malicious IPs that aren’t being stopped via the build-in mechanism. Simply put: not all attacks are recognized as…

Continue Reading

CSF / LFD brute force settings

Not too long ago I wrote about being pretty happy with CSF / LFD as a replacement for my firewalld or ufw firewall. Using it for a while now, there are two additions I want to make. The first addition is a more granular and universal approach to the brute force mechanism (the LFD part,…

Continue Reading

Automatic updates on Debian 9

Automatic updates! It is a slippery slope: you want to keep your servers up to date to minimize your attack surface, but with the risk of breaking something on your server. This one gave me headaches… There are several ways to automate the update process and I think I’ve chosen the one closest to Debian…

Continue Reading

CardDAV client in Roundcube

After all this hard work, it’s a bit of a bummer that it’s not possible to create a full collaboration server instead of ‘only’ a mailserver. The big let down is the non-existence of a working CalDAV implementation. On the plus side, we can install a working CardDAV client to supplement our Roundcube install. I…

Continue Reading