Chris Lazari

Information Security, Cloud Computing & Other Technologies of Interest

Category

Security

PFSense – Enabling Administration via the WAN Interface

About PFSense PFsense is an open source firewall and routing solution which is built on FreeBSD. This firewall solution is the unsung hero of open source firewalls so if you have not seen it, get your hands dirty and you… Continue Reading →

Hardening WordPress – Robots.txt

WordPress possesses a virtual robots.txt file which means that no actual file is present on the web server, WordPress generates this file each time someone visits your site. A robots.txt file is a good idea to make your site search… Continue Reading →

Hardening WordPress – Hiding Directory Listing

A common WordPress configuration error is permitting directory listing or directory browsing as it is also known. Unless you have a specific use case where you have to have directory listing enabled, this should be disabled as it is information… Continue Reading →

Hardening WordPress – PHP Configuration

WordPress is written in PHP. In order to properly secure WordPress one needs to ensure that your server’s global PHP settings are configured in a secure manner in order to mitigate any security risks that may exist. In a shared… Continue Reading →

WordPress Security – Setting File Permissions

Why Correct File Permission Settings are Important WordPress is a very popular platform for building websites.  WordPress sites could make up anything from 15% to 23% of sites on the Internet depending on where you get your statistics from. This… Continue Reading →

Case Study – Cost Effective Website Security

I manage several websites and generally follow industry standard practices to secure and harden these sites. I believe in ‘Defense in Depth’ and so I deploy several security focused products and services which focus on web applications. As many of… Continue Reading →

Azure Security Center – Getting Started

How safe is my data and how secure are my applications in the cloud? This is one of the first questions many organizations ask when they first start investigating migrating data, applications and workloads to public cloud infrastructure. Securing data… Continue Reading →

Yahoo – A Quantifiable Cost for a Data Breach

Yahoo posted a security advisory on December 14th, 2016 advising all users of a second data breach. This breach has resulted in a data compromise of over 1 billion user accounts and could cost Yahoo’s shareholders dearly. Second Data Breached… Continue Reading →

How to Spot a Phishing Email

The vast majority of IT security breaches start with a phishing campaign. This statistic should not be a surprise to you as the human element is after all the weakest link in the security chain. The best way to defend… Continue Reading →

© 2017 Chris Lazari

Up ↑