How To Use AWS CloudTrail For Intrusion Detection To Monitor Your AWS Account For Unwanted Activity

Author: , December 30th, 2022

Summary Use AWS CloudTrail as the basis for a simple Intrusion Detection System to monitor your AWS account for unwanted activity. Background While I follow best practices for security, it is always possible that a bad actor could obtain my credentials and gain access to my AWS account. Once access is gained, such criminals could […]

How To Block All Traffic From China Using iptables and ipset on Amazon Linux

Author: , October 24th, 2019

All credit to Matt Wilcox for this excellent article, for which this post is based – thank you, Matt! https://mattwilcox.net/web-development/unexpected-ddos-blocking-china-with-ipset-and-iptables/ All commands run as root!

Do this once only:

Then add blockchina to the root cron

How to Install Apache mod_evasive on AWS Linux/CentOS

Author: , July 26th, 2014

I was getting tired of using iptables to block the various hackers and bots constantly slamming my servers (the Chinese are the worst offenders by far – curse them!). I found the Apache module mod_evasive and installed it. Here are links to various articles about mod_evasive: http://www.zdziarski.com/blog/?page_id=442 https://coderwall.com/p/eouy3g http://www.crucialp.com/resources/tutorials/server-administration/flood-protection-dos-ddos-protection-apache-1.3-2.0-mod_dosevasive-avoiding-denial-of-service-attacks.php Add the Module to Apache I […]

How To Block WordPress XMLRPC Attacks

Author: , July 8th, 2014

Add the following to either your .htaccess file or to your Apache config: