We are planning on a Webinar in January about security for Web applications. We will cover topics such as encryption, authentication, data integrity and securing Linux/Unix and MySQL.
This webinar will be limited to the Sun Startup Essentials members.
If you ave any questions related to security, let us know in
advance - I'll be checking the comments.
We are planning on a Webinar in January about security for Web applications. We will cover topics such as encryption, authentication, data integrity and securing Linux/Unix and MySQL.
This webinar will be limited to the Sun Startup Essentials members.
If you ave any questions related to security, let us know in
advance - I'll be checking the comments.
We are planning on a Webinar in January about security for Web applications. We will cover topics such as encryption, authentication, data integrity and securing Linux/Unix and MySQL.
This webinar will be limited to the Sun Startup Essentials members.
If you ave any questions related to security, let us know in
advance - I'll be checking the comments.
I am happy to announce today the release of FuseGuard Web Application Firewall for ColdFusion!
FuseGuard 2.0 is the new name for Foundeo Web Application Firewall, but we did a bit more than just change the name!
The biggest new features added to version 2 are the Web Based manager, and the database logger. The web manager main function is to provide reporting for the attacks against your server, but it also allows you to view configuration, and manage users.
Here are some screen shots:
[Read more]You want to use or to know more about Sun technologies? Join these Webinars to improve your knowledge and skills. You will be able to ask questions to Sun's experts.
Mercredi 10 Février : Securité pour les applications Web. Pour les startups du Web, la protection et la sécurisation de leurs applications, de leurs données, et de celles de leurs clients est un véritable facteur clé de succès. Ce Webinar couvre les différents challenges liés à la sécurité ainsi que les solutions associées telles que l'encryption, l'authentification, les certificats, la sécurisation du stockage et le stockage à tolérance de panne, les environnements étanches. Les architectes de Sun Startup Essentials présenteront des implémentations économiques basées sur des composents standards et ouverts tel qu'Apache, MySQL et ZFS. Ce webinar est …
You want to use or to know more about Sun technologies? Join these Webinars to improve your knowledge and skills. You will be able to ask questions to Sun's experts.
Mercredi 10 Février : Securité pour les applications Web. Pour les startups du Web, la protection et la sécurisation de leurs applications, de leurs données, et de celles de leurs clients est un véritable facteur clé de succès. Ce Webinar couvre les différents challenges liés à la sécurité ainsi que les solutions associées telles que l'encryption, l'authentification, les certificats, la sécurisation du stockage et le stockage à tolérance de panne, les environnements étanches. Les architectes de Sun Startup Essentials présenteront des implémentations économiques basées sur des composents standards et ouverts tel qu'Apache, MySQL et ZFS. Ce webinar est …
Following up on this entry, here are some more best practices to secure MySQL in a production environment.
But before moving forward, let me pay credit to Lenz Grimmer who
helped me to put this information together.
After setting a password for the MySQL root account and removing the test database and anonymous account you can also limit the remote access to MySQL to a specific host. You do this by setting the bind-address attribute in the /etc/mysql/my.cnf file to the host ip-address:
bind-address=ip-address
If you set bind-address to 127.0.0.1, which is the loopback address, then MySQL only accepts connections from the host where it runs.
If you uncomment skip-networking in my.cnf MySQL only …
[Read more]Following up on this entry, here are some more best practices to secure MySQL in a production environment.
But before moving forward, let me pay credit to Lenz Grimmer who
helped me to put this information together.
After setting a password for the MySQL root account and removing the test database and anonymous account you can also limit the remote access to MySQL to a specific host. You do this by setting the bind-address attribute in the /etc/mysql/my.cnf file to the host ip-address:
bind-address=ip-address
If you set bind-address to 127.0.0.1, which is the loopback address, then MySQL only accepts connections from the host where it runs.
If you uncomment skip-networking in my.cnf MySQL …
[Read more]Following up on this entry, here are some more best practices to secure MySQL in a production environment.
But before moving forward, let me pay credit to Lenz Grimmer who
helped me to put this information together.
After setting a password for the MySQL root account and removing the test database and anonymous account you can also limit the remote access to MySQL to a specific host. You do this by setting the bind-address attribute in the /etc/mysql/my.cnf file to the host ip-address:
bind-address=ip-address
If you set bind-address to 127.0.0.1, which is the loopback address, then MySQL only accepts connections from the host where it runs.
If you uncomment skip-networking in my.cnf MySQL …
[Read more]You finished the development phase of your Web project, and you are now heading to production. This means that your web-site will be soon on-line, visible on the Internet, and may become a potential target for attacks.
During development, you have been using MySQL on your laptop, and
since you are the only one accessing your laptop you used the
default configuration as-is. You are perfectly right in doing
that, in fact MySQL is pretty secure by default, but here are a
set of post-installation best practices to bring MySQL security
to the next level.
1) Set a password for the root account. Note that by "root
account" I don't mean the super-user of the operating system, but
the super-user of MySQL itself:
$ mysql -u root mysql
mysql> SET PASSWORD FOR
root@localhost=PASSWORD('new_password');
2) If they exist, remove the MySQL anonymous account - or assign a password to it - and …
[Read more]
