Fail2Ban config on Ubuntu 18.04

I can be a very happy camper when I’m configuring something new and it ‘just works’ and does its job as expected and more. See the previous post on Fail2Ban. Creating a new jail and making the most important service hacker proof is a matter if minutes. Of course finetuning it to my liking can…

Continue Reading

OSSEC active response vs Fail2Ban

Let’s have a proper look at Fail2Ban on Ubuntu 18.0.4. Last week I was rather pleased with the replacement of CSF / LFD with UFW and OSSEC active response. It seems really rock solid. While configuring and testing, I discovered one big downside of OSSEC active response though: it only works for SSH and not…

Continue Reading

Replacing CSF / LFD with UFW and OSSEC

UFW and OSSEC active response. In my quest to see if I would like to replace Debian with all of its third party tooling with more up-to-date Ubuntu servers (also with third party tooling), I’ll dedicate the next couple of posts to cross off this list. Starting at the top, today I’ll be replacing CSF…

Continue Reading

More Debian vs Ubuntu stuff

Last week I’ve explained a bit why I’m considering jumping from Debian to Ubuntu to get our managed hosting a bit more up-to-date by default, instead of using 10 third party repos. This week I would like to specify more about our managed hosting tooling, what we’re using for Debian, what we might like to…

Continue Reading

From Debian to Ubuntu?

Ubuntu. Oh my. This is awkward. When I started out experimenting with Linux, I opted for CentOS since it is one of the most stable versions out there. You’ll soon find out though, that the software in the repos is too old for many situations in the web application industry. Right before I started working…

Continue Reading