Security
NGiNX traffic split or traffic distribution can be very handy in various user cases, for example this can be used to improve security for our websites or web applications. In this particular tutorial we will show you how to make use of this great feature that comes with NGiNX by implementing a simple solution for traffic distribution in order to protect our backend web applications or maybe a websites by simply using two individual backend upstreams. Same traffic management principle using NGiNX, explained below, can be used for various other backend services and solutions within various stacks. Table of contents […]
Category: Security | Published: 03/07/2019 | Updated: 12/08/2019Secure NGiNX with Let’s Encrypt SSL on CentOS 7
Just another tutorial from Tufora where we will be showing you how to secure NGiNX with Let’s Encrypt SSL on CentOS 7. As you are well aware NGiNX is a very powerful software that can be used for various applications and workloads being as HTTP server, reverse proxy, load balancer and nowadays even as router for containers, pretty good portfolio we would say. On this tutorial we will be focusing on securing a NGiNX deployment with a SSL certificate issued by Let’s Encrypt (letsencrypt) using certbot utility on a CentOS 7 server. Table of contents Package instalation Generate Diffie–Hellman Exchange […]
Category: Security | Published: 31/05/2019 | Updated: 19/07/2019SSH client configuration for Jump Host
SSH client configuration for Jump Host is just a simple, fast and efficient way to configure your local SSH client to remote access via SSH other external networks / hosts. In the same time we can say that this solution adds a layer of security as well if your environment is not so secure for whatever reason, we have seen this quite often but let’s not talk about this yet. In this short tutorial we will try explain in a very simple way how you may configure your local SSH client configuration file in order to connect straight to one […]
Category: Security | Published: 10/08/2018 | Updated: 15/11/2018How to install Elasticsearch 2.4 and OpenResty on CentOS 7
In this tutorial we’ll explain how to install and configure a three node Elasticsearch 2.4 cluster on CentOS 7. Also, we’ll learn how to install OpenResty that will provide a layer of security for our Elasticsearch cluster, Elasticsearch-HQ that will give us some nice metrics, Kopf plugin and of course Kibana. Why ES 2.4? Well it’s complicated but lets say we’ve choose 2.4 just because this particular version isn’t supported anymore by Elastic and some of you may be “forced” to use this version for a while until you redesign your software to comply with a newer version in terms […]
Category: Security | Published: 18/04/2018 | Updated: 05/11/2018Generate SSH Key – Linux, Mac and Windows
In this quick tutorial, Generate SSH Key, we will learn more exactly how to generate a SSH Key in Linux or Mac using a terminal window and also in Windows using Putty. Before we start our little journey we should be clear about one thing, all SSH Keys consists of two parts, a Private Key and a Public Key. In this article we’ll generate both these keys and we’ll learn the importance but also the difference between these two. What is a Pivate Key As we said in our introduction a SSH Key contains a Private Key and a Public […]
Category: Security | Published: 09/02/2018 | Updated: 05/11/2018In this example we will explain how to generate CSR in Linux using shell prompt or terminal window. A CSR is mostly required when you want to secure for example a website or a connection between one or more services that requires a secure connection. Any SSL issuer will always ask you to generate and present a CSR. We’ve chose CentOS for this Certificate Signing Request example as our main operating system. Required packages First step is to make sure that we have openssl and openssl-devel packages installed and updated in order to generate our very first CSR. The package manager […]
Category: Security | Published: 24/01/2018 | Updated: 05/11/2018