Firefox Monitor

Firefox Monitor

Firefox have teamed up with “Have I Been Pwned" to offer a service that allows you to check your email address against a database that serves as a library of data breaches. It will let you know if your email address and/or personal info was involved in a publicly known past data breach. Once you know where your email address was compromised you should at the very least change that system password and any other place where you’ve used that password.

This guide shows you how to check if your details have been compromised.

Tightening up Apache SSL security

At the very least modern websites should be using HTTPS by default with any traffic on HTTP redirected to HTTPS, this ensures traffic in transit is encrypted from 3rd parties prying eyes. The next step is ensuring that the SSL certificate along with the web server it sits on is configured correctly from a security perspective ensuring any well known backdoors are addressed.

The Qualys SSL Server tool is an excellent free tool that grades the quality of your SSL configuration that also identifies any areas that need to be addressed.

Secure Apache/Joomla with an SSL certificate and force all traffic to use HTTPS

Using an SSL certificate is a must for ensuring your website is protected and meets the demands of today's modern sites/browsers. Customers and visitors to your site will know that their browsing session is safe, and that payment details and personal information is secure and encrypted in transit.

The following guide creates a certificate through Apache and a trusted certificate authority, applying the certificate to your website then forcing all traffic to use HTTPS rather than HTTP.

AWS - Using Gmail with your domain utilising SES & Lambda

When working with certain domains there may not be a requirement to have a full blown email system running but there may be a requirement to forward emails to another system and therefore it is important to have a reliable, functional, serverless and ideally free or very minimal cost email system available. I use this for my own purpose to verify infra.engineer via email for proof of ownership for the SSL Certificate and renewal emails without having to have a full blown dedicated mailbox attached to the domain.

This guide utilises AWS SES and Lambda, building a mail system that integrates seamlessly with your Gmail account, at the same time allowing you to send and receive mail from multiple mailboxes within your own domain, although this guide focuses on Gmail other email systems can be used such as Office365 and iCloud Mail.

Send Joomla email via Amazon Simple Email Service (SES)

Amazon Simple Email Service (Amazon SES) is a cloud-based email sending service designed to help digital marketers and application developers send marketing, notification, and transactional emails. It is a reliable, cost-effective service for businesses of all sizes that use email to keep in contact with their customers

Reliable email delivery is key in web based application, you don't want your customers to miss that order confirmation email or a very important notification.

The following guide utilises Amazon SES to send emails from with Joomla;

Building a Joomla site on AWS Lightsail

Amazon Lightsail is a virtual server that's cost-effective, fast, & reliable with an easy-to-use interface ideal for developers, businesses, students, or users who need a simple Virtual Private Server (VPS) solution for a lab or production site.

 

Lightsail gives you access to the power of AWS, with the simplicity of a VPS. You choose a configuration from a menu and launch a virtual machine (an instance) pre-configured with SSD-based storage, DNS management and a static IP address utilising either Linux or Windows.

 

This guide is for implementing Joomla on Linux, a free tier is available for month (Up to 750 hours).

Microsoft Azure CSP - Connecting to a customer tenant using powershell

The following commands is designed for Microsoft Cloud Solutions Providers (CSP) to connect to a customer tenant using powershell.

Generate Subject Alternative Name (SAN) certificate for use in LDAPS

This guide allows you to configure a subject alternative name (SAN) certificate for use with LDAPS (LDAP over SSL)

Use OpenSSL to generate a multi-domain (UCC) certificate

This guide allows you to create a multi-domain/unified communications certificate (UCC) for securing multiple domains under 1 certificate, you secure a primary domain name and up to 99 additional Subject Alternative Names (SANs) in a single certificate.