Categories
debian

docker-ce + Debian Buster + iptables

docker doesn’t work on Debian Buster by default, thanks to nft …

Categories
debian linux security

Squid 3.4.x for with transparent ssl proxying/support for Debian Wheezy.

I needed  a variant of Squid which supported transparent SSL interception (i.e via iptables redirection) so I could log outgoing HTTPS requests without the client being aware. The stock wheezy variant doesn’t support SSL (see : Debian Bug Report). Even after recompiling Wheezy’s squid3 it didn’t seem to work (perhaps my stupidity) so I ended […]

Categories
linux

Fail2ban filter for WordPress

With the annoying brute force wordpress hack going round, one way to protect your site(s) would be to use fail2ban, with a configuration something like (which I’ve shamelessly lifted from http://blog.somsip.com/2011/12/protecting-apache-webservers-from-wordpress-admin-login-dictionary-attacks/ ). The below seems to be working, and given it’s relative simplicity it’s obvious how you’d go about changing to protect other POST based scripts […]