Recently on my project, someone did brute force attack over the login page of WordPress with multiple IPs. In the first response, we have blocked those IP on Nginx conf and later we realized, it would be better if we do it through IPtables. However, this was not enough as we need the manual intervention on the daily basis, hence things...
This blog post refers to a use case I came across recently wherein, a few users had to remotely log into the server using SFTP. These users should be restricted to perform read/write operation only in their home directory and only from office network i.e the public IP address(es), their office network is fabricated upon. To achieve this,...
Consider a use case where in any team members have opened port 22 for 0.0.0.0/0 inside an EC2 security group and forgot, which is a big security concern for the Instances. So I have written a script using python boto library which scans all the security groups of running / stopped instances and sends an email to all stakeholders on...
In my current project, we were required to implement Instance Based Security. The idea was to find a clean solution separate from the main business logic of the application. We took a clue from the Spring Security Plugin to use the Annotations to do our job. All we wanted to do was to develop annotations for actions, which could help to...