7MS #121: Migrating from Tumblr to Ghost-Part 2
7 Minute Security19 Des 2015

7MS #121: Migrating from Tumblr to Ghost-Part 2

Part 2 concludes my journey in moving 7ms.us from Tumblr to a Digital Ocean droplet running Ghost. Here are the key resources mentioned during the podcast:

  • How to run multiple Ghost blogs on one DI VPS. The key takeaway here was that I had to upgrade to the $10 droplet (I did a "flexible" resize to add more proc/memory) and then the second instance of Ghost installed fine.
  • Turning on CloudFlare SSL was easy. I chose flexible SSL since I wasn't using a "real" cert. I also wrote a rule to force HTTPs for all connections. And, just for grins, I turned on DNSSEC. Because...why not? :-)

  • I picked a strong root password for my DI droplet, but I still don't like the idea of IPs banging on that connection all day and night. I followed this article on installing Fail2Ban to prevent my SSH login from being abused.

    • There are a few IPs that I want to perma-ban, so I'm going to look throughthis article and this one which looks a tad easier.

You can subscribe to the 7 Minute Security podcast here.

Episoder(720)

7MS #616: Interview with Andrew Morris of GreyNoise

7MS #616: Interview with Andrew Morris of GreyNoise

Hey friends, today we have a super fun interview with Andrew Morris of GreyNoise to share. Andrew chatted with us about: Young Andrew's early adventures in hacking his school's infrastructure (note:...

22 Mar 202459min

7MS #615: Tales of Pentest Pwnage – Part 54

7MS #615: Tales of Pentest Pwnage – Part 54

Hey friends, sorry I'm so late with this (er, last) week's episode but I'm back! Today is more of a prep for tales of pentest pwnage, but topics covered include: Make sure when you're snafflin' that...

19 Mar 202421min

7MS #614: How to Succeed in Business Without Really Crying - Part 16

7MS #614: How to Succeed in Business Without Really Crying - Part 16

How much fun I had attending and speaking at Netwrix Connect Being a sales guy in conference situations without being an annoying sales guy in conference situations A recap of the talk I co-presented ...

8 Mar 202436min

7MS #613: Tales of Pentest Pwnage – Part 53

7MS #613: Tales of Pentest Pwnage – Part 53

Today's tale of pentest covers: Farming for credentials (don't forget to understand trusted zones to make this happen properly!) Snaffling for juice file shares Stealing Kerberos tickets with Rubeus

1 Mar 202433min

7MS #612: Pentestatonix - Part 2

7MS #612: Pentestatonix - Part 2

Hello friends, we're still deep in the podcast trenches this quarter and wanted to share some nuggets of cool stuff we've been learning along the way: Snaffler – pairs nicely with PowerHuntShares to ...

25 Feb 202432min

7MS #611: Pentestatonix

7MS #611: Pentestatonix

Hey friends, sorry for the late episode but I've been deep in the trenches of pentest adventures.  I'll do a more formal tale of pentest pwnage when I come up for air, but for now I wanted to share so...

19 Feb 202434min

7MS #610: DIY Pentest Dropbox Tips – Part 9

7MS #610: DIY Pentest Dropbox Tips – Part 9

Hey friends, today we cover a funstrating (that's fun + frustrating) issue we had with our DIY pentest dropboxes. TLDL:   The preseed file got jacked because I had a bad Kali metapackage in it. While...

9 Feb 202420min

7MS #609: First Impressions of Sysreptor

7MS #609: First Impressions of Sysreptor

Hey friends, today is a first impressions episode about Sysreptor, which according to their GitHub page, is a fully customisable, offensive security reporting solution designed for pentesters, red tea...

2 Feb 202430min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
forklart
popradet
stopp-verden
fotballpodden-2
rss-gukild-johaug
lydartikler-fra-aftenposten
det-store-bildet
nokon-ma-ga
hanna-de-heldige
dine-penger-pengeradet
rss-ness
aftenbla-bla
rss-espen-lee-usensurert
e24-podden
rss-dannet-uten-piano
rss-penger-polser-og-politikk
frokostshowet-pa-p5