// Archive
Tag: modsecurity
Postfix 3.11: Post-Quantum TLS, TLSRPT, Milters and the Modern MTA Stack
In May 1998, Wietse Venema released the first public alpha of a mailer he’d been writing inside IBM Research and originally called…
How to Install ModSecurity and OWASP CRS on NGINX (Step-by-Step)
A beginner-friendly, step-by-step guide to installing ModSecurity and the OWASP Core Rule Set on NGINX for Debian and Ubuntu — from zero to a live WAF without taking your site down.
WordPress Hardening Plugin for ModSecurity CRS: Block Attacks Without Touching Your PHP
The wordpress-hardening-plugin adds 25+ targeted ModSecurity rules on top of OWASP CRS to lock down xmlrpc.php, the REST API, wp-login.php brute force, GeoIP access control, and IP reputation blocking — all without a single line of PHP.
NGINX ModSecurity Setup on Debian and Ubuntu: WAF with OWASP Core Rule Set
ModSecurity v3 with the OWASP CRS blocks SQL injection, XSS, shell injection, and scanner traffic at the HTTP layer. This guide covers installation, CRS paranoia levels, WordPress tuning, false positive handling, and performance impact.
Nginx & Angie: The Expert Guide to Maximum Performance and Security
The complete guide to building and running an optimised Nginx or Angie server on Debian and Ubuntu — HTTP/3, TLS 1.3, brotli, ModSecurity WAF, FastCGI caching, and eight layers of WordPress defence. Every directive explained.
Hardening PHP with PHP-Snuffleupagus: Block SQL Injection, XSS and Dangerous Functions Inside PHP-FPM
Most WAFs sit outside PHP and can be tricked. PHP-Snuffleupagus lives inside the PHP interpreter itself — blocking dangerous functions, SQL injection, XSS, type juggling, and deserialization attacks where attackers can’t reach. This is what defence in depth actually looks like.