Learn
Educational articles on web security, CDN performance, DDoS mitigation, DNS architecture, and server hardening.
Security Concepts
What is a WAF?
Learn what a Web Application Firewall is, how it works, and why it is critical to protecting your website from common web attacks.
What is a CDN?
Understand how Content Delivery Networks speed up websites by caching content on edge servers around the world.
What is a Software Vulnerability?
Learn what software vulnerabilities are, how they are discovered, and why patching is essential for website security.
What is Cross-Site Scripting (XSS)?
Understand XSS vulnerabilities, how attackers inject malicious scripts into web pages, and how to prevent them.
What is SQL Injection (SQLi)?
Learn how SQL injection attacks work, how they exploit database queries, and how WAFs and parameterized queries prevent them.
What is Directory Traversal?
Understand directory traversal attacks, how they access restricted files on web servers, and how to defend against them.
What is Arbitrary Code Execution?
Learn about arbitrary code execution vulnerabilities that allow attackers to run commands on your server.
What is Clickjacking?
Understand clickjacking attacks that trick users into clicking hidden elements, and how to prevent them with security headers.
DDoS & Attack Explainers
DDoS Attacks Explained
Comprehensive guide to Distributed Denial of Service attacks, how they work, and how CDN and WAF services mitigate them.
DNS Amplification Attacks
Learn how Layer 3 DNS amplification attacks use open resolvers to flood targets with massive traffic volumes.
HTTP Flood Attacks
Understand Layer 7 HTTP flood attacks that overwhelm web servers with legitimate-looking requests.
Volumetric DDoS Attacks
Learn how volumetric attacks saturate network bandwidth and how Anycast-based CDNs absorb them at the edge.
Protocol DDoS Attacks
Understand protocol-layer attacks like SYN floods and how they exploit weaknesses in network protocols.
Brute Force Attacks
Learn how brute force attacks work against login pages and APIs, and how rate limiting and WAFs prevent them.
Common Web Attack Terms
A glossary of common web attack terminology every website owner and developer should understand.
Common Vulnerability Terms
A glossary of software vulnerability terminology including CVE, CVSS, zero-day, and more.
Application Layer DDoS
Understand Layer 7 DDoS attacks that target application logic with legitimate-looking requests.
Web Malware
SEO Spam
Learn how attackers inject spam links and pages into compromised websites to hijack search engine rankings.
Website Malware
Understand common types of website malware, how sites get infected, and what steps to take for cleanup and prevention.
Phishing Attacks via Websites
Learn how attackers use compromised websites to host phishing pages that steal credentials and financial data.
Credit Card Skimmers
Understand how JavaScript-based credit card skimmers steal payment data from e-commerce checkout pages.
Website Blacklists
Learn what website blacklists are, how your site can end up on one, and steps to get delisted.
Email Security
What is SPF?
Learn how Sender Policy Framework works to prevent email spoofing by specifying which mail servers can send for your domain.
What is DKIM?
Understand DomainKeys Identified Mail, how it uses cryptographic signatures to authenticate email messages.
What is DMARC?
Learn how DMARC ties together SPF and DKIM to give domain owners control over email authentication and reporting.
Security Headers
What are Security Headers?
Learn about HTTP security headers that protect your website from XSS, clickjacking, MIME sniffing, and other attacks.
How to Configure Security Headers
Step-by-step guide to implementing security headers on Apache, Nginx, and through your CDN or WAF.
HSTS (Strict Transport Security)
Understand how HSTS forces browsers to use HTTPS, preventing protocol downgrade attacks and cookie hijacking.
Content Security Policy (CSP)
Learn how CSP headers prevent XSS and data injection attacks by controlling which resources browsers can load.
What is a MIME Type?
Understand MIME types, how they control content handling in browsers, and why X-Content-Type-Options matters.
X-Frame-Options
How X-Frame-Options prevents clickjacking by controlling whether your pages can be embedded in iframes.
X-XSS-Protection
History of the X-XSS-Protection header, why it's deprecated, and CSP as the modern replacement.
Referrer-Policy
Control how much referrer information is sent with requests using the Referrer-Policy header.
Permissions-Policy
Control browser feature access (camera, microphone, geolocation) with Permissions-Policy headers.
Server Hardening
10 Steps to Securing SSH
Comprehensive guide to hardening SSH access on Linux servers, from key-based auth to fail2ban.
Linux Security Checklist
Essential security hardening steps every Linux server should have in place.
Working with UFW on Ubuntu
Configure and manage Ubuntu's Uncomplicated Firewall for port control and access rules.
Enable SFTP on Ubuntu
Set up SFTP-only users with chroot jails for secure file transfer access.
Auto-Update CentOS with Yum-Cron
Automate security updates on CentOS and RHEL servers with yum-cron.
Blocking User Agents
Block malicious bots and scrapers by user agent string on Nginx and Apache.
IPTables
Rate Limiting with IPTables
Use the IPTables recent module to rate limit SSH, HTTP, and other connections.
Default Blocks with IPTables
Create a secure default-deny firewall policy with whitelisted services.
Blocking HTTP via IPTables
Use string matching in IPTables to block HTTP requests by domain or pattern.
Blocking DNS via IPTables
Control DNS traffic to prevent amplification attacks and restrict resolver access.
Commenting in IPTables
Add comments to firewall rules for better documentation and rule management.
Security Tools
NMAP Network Mapper
Comprehensive guide to NMAP scanning, service detection, OS fingerprinting, and NSE scripts.
Install NMAP on Ubuntu
Quick guide to installing NMAP on Ubuntu, CentOS, and verifying the installation.
WPScan WordPress Scanner
Use WPScan to enumerate plugins, themes, and users to find WordPress vulnerabilities.
Sysadmin & Tips
Nginx + PHP + SSL on Ubuntu
Full LEMP stack setup with Certbot SSL certificates on Ubuntu.
Using NSLOOKUP for DNS
Query DNS records with NSLOOKUP in interactive and non-interactive mode.
cURL Performance Testing
Measure TTFB, DNS lookup, and total load time using cURL timing variables.
DNS Traffic via tcpdump
Capture and analyze DNS packets to detect tunneling and amplification.
Parse JSON in Bash
Use jq and Python to parse API JSON responses in shell scripts.
Monitor Services with Bash
Write bash scripts to monitor service status and send alerts on failure.
Block IPs with .htaccess
Use Apache .htaccess rules to block or allow access by IP address and CIDR range.
Capture POST Requests
Log and analyze HTTP POST requests on Apache, Nginx, and with tcpdump.
Remove .php/.html from URLs
Configure clean URLs on Apache and Nginx by removing file extensions.
Upgrading Ubuntu Server
Step-by-step guide to upgrading between major Ubuntu versions safely.
Binding Multiple IPv6 Addresses
Automate IPv6 address assignment on Ubuntu using Netplan and bash scripts.
List UFW Rules When Inactive
View and manage UFW firewall rules even when the firewall is disabled.
Get
Started