Guide to securing apache

I stumbled upon a helpful guide to securing an apache server via Reddit’s /r/netsec subreddit. Without further ado, here’s a link to the guide: Apache web server hardening & security guide The guide covers the simplest changes, like reducing ServerTokens output and eliminating indexes, all the way up through configuring mod_security and using the SpiderLabs GitHub repository to add additional rules. If you’d like a more in-depth post about installing mod_security, I’d recommend this one from Tecmint.
Read more →

Changing your ssh server’s port from the default: Is it worth it?

Changing my ssh port from the default port (22) has been one of my standard processes for quite some time when I build new servers or virtual machines. However, I see arguments crop up regularly about it (like this reddit thread or this other one). Before I go any further, let’s settle the “security through obscurity” argument. (This could probably turn into its own post but I’ll be brief for now.
Read more →

Survive the Google Reader exodus with Tiny Tiny RSS

It’s no secret that Google Reader is a popular way to keep up with your RSS feeds, but it’s getting shelved later this year. Most folks suggested Feedly as a replacement but I found the UI quite clunky in a browser and on Android devices. Then someone suggested Tiny Tiny RSS. I couldn’t learn more about it on the day Google Reader’s shutdown was announced because the site was slammed. In a nutshell, Tiny Tiny RSS is a well-written web UI for managing feeds and a handy API for using it with mobile applications.
Read more →

Performance and redundancy boost for icanhazip.com

It’s been a few years since I started a little project to operate a service to return your IPv4 and IPv6 address. Although there are a bunch of other sites that offer this service as well, I’ve been amazed by the gradually increasing traffic to icanhazip.com. Here’s a sample of the latest statistics: Hits per day: 1.8 million (about 21 hits/second) Unique IP addresses per day: 25,555 Hits per day from IPv6 addresses: 1,069 (a little sad) Bandwidth used per day: ~ 400MB The site is now running on multiple Cloud Servers at Rackspace behind a load balancer cluster.
Read more →

mysql-json-bridge: a simple JSON API for MySQL

My quest to get better at Python led me to create a new project on GitHub. It’s called mysql-json-bridge and it’s ready for you to use. Why do we need a JSON API for MySQL? The real need sprang from a situation I was facing daily at Rackspace. We have a lot of production and pre-production environments which are in flux but we need a way to query data from various MySQL servers for multiple purposes.
Read more →