AWS, Technology

Block admin login page attack using Fail2ban

Recently on my project, someone did brute force attack over the login page of WordPress with multiple IPs. In the first response, we have blocked those IP on Nginx conf and later we realized, it would be better if we do it through IPtables. However, this was not enough as we need the manual intervention on the daily basis, hence things...

by Prashant Sharma
Tag: Custom Security

AWS, Technology

Setting up restricted remote SFTP server

This blog post refers to a use case I came across recently wherein, a few users had to remotely log into the server using SFTP. These users should be restricted to perform read/write operation only in their home directory and only from office network i.e the public IP address(es), their office network is fabricated upon. To achieve this,...

by Sharad Aggarwal
Tag: Custom Security


Continuing with Boto: Find security group having port 22 open for all

Consider a use case where in any team members have opened port 22 for inside an EC2 security group and forgot, which is a big security concern for the Instances. So I have written a script using python boto library which scans all the security groups of running / stopped instances and sends an email to all stakeholders on...

by Vikash Jha
Tag: Custom Security


Handling Instance Based Security

In my current project, we were required to implement Instance Based Security. The idea was to find a clean solution separate from the main business logic of the application. We took a clue from the Spring Security Plugin to use the Annotations to do our job. All we wanted to do was to develop annotations for actions, which could help to...

by Imran Mir
Tag: Custom Security