Ubuntu Initial Setup: set up Ubuntu secure SSH login on a DigitalOcean or Amazon Web Services EC2 instance. This post is a “cut to the chase”, “gitter dun” list of things to do for initial setup of an Ubuntu server. To gain a deeper understanding of the process of securing… Read more How to set up ubuntu secure ssh login (AWS & Digital Ocean)
I wanted to have multiple RSA keys for various different hosts to help prevent hidden connection issues. Issues may arise when an RSA key is changed on one host that may have been used on another host, effectively severing the connection without your knowledge. By having different RSA keys when dealing with a host that… Read more How to use multiple ssh keys for different accounts
Create a password hash with Python passlib. A quick and easy way to create a password hash is with Python passlib. Install passlib with pip like this: sudo pip install passlib Then, run the command below. Of course, you will replace the text “myplaintextpassword” with YOUR OWN plain text password, right? python -c “from passlib.hash… Read more How To Create a Password Hash with Python passlib
umask is a Unix command that sets the default file permissions for all newly created files and directories. This little blurb assumes that you understand the numeric mode of file permissions. That is, if someone tells you to make sure a file… Read more umask Explained with Examples
1. My login id is paul and my primary group is webdev. I’m also a member of several other groups including staff. By default, any file (including a directory) I create will be marked with the group webdev (my primary group).
$ mkdir mydir
$ ls -ld mydir
drwxr-xr-x 2 paul webdev 512 May 06 11:14…
Read more Using SGID to Control Group Ownership of Directories
In most cases dynamic data in forms is handled by the forms API which does a pretty good job of keeping it clean. Since the variables in hook_menu() for example are picked up as a % sign and then translated into a callback array, they are “cleansed” as they are passed through the Drupal Core… Read more Secure URL Handling with Drupal
When creating a module in Drupal it is very important to be aware of some security best practices when outputting text into HTML. This helps prevent XSS (Cross Site Scripting) exploits and keeps your code in general good health as it prevents problems with user input like angle brackets or ampersands. Be sure to read… Read more Drupal Security Best Practices When Outputting Text Into HTML
Why would you need to put Drupal comments into a block? Well, recently I was working with another developer that decided to use Quick Tabs to create a menu that would show the current content type’s comments. Quick Tabs uses blocks, so there is one reason I can think of. Ok, so getting the content… Read more Drupal Comments In A Block
One of the most common web security problems is SQL Injection. As the name implies, SQL injection works by introducing malicious SQL code where it doesn’t belong. Since it is SQL code you could probably guess that the attacker “injects” his poison via database queries. Web developers often pass some sort of variable to their… Read more How to Protect Against SQL Injection
Error reporting in PHP gives valuable insight during the development stages. This insight can be a great aid to problem solving. There are others, however, who are interested in why your web site has failed on occasion. The information thrown out by many PHP errors gives the kind of information about your web application that… Read more PHP Error Reporting and Security