If you’ve ever dealt with Nginx and its dynamic modules, you know the drill. An Nginx package update hits, and suddenly your custom modules – like ModSecurity or GeoIP2 – are no longer compatible. The whole process is a headache: you have to stop Nginx, recompile your modules against the new version, copy the files, and restart the service.
Continue reading Nginx Dynamic Modules: Automating Recompilation with APT HooksTag: NGINX
Paperless-NGX Setup: Installation, Security, and NGINX Integration
When I read about paperless-ngx, I was immediately drawn to the idea of having all my documents indexed (via OCR) and centrally stored. With a proper tagging system, exporting my documents for my annual tax declaration should only take seconds.
Continue reading Paperless-NGX Setup: Installation, Security, and NGINX IntegrationNGINX Hardening: Achieving A+ Security & Performance
Improving your web security and performance starts with a solid foundation. I regularly use external online generators and verification tools to ensure my NGINX configuration meets the highest standards. This guide details my steps to achieve an A+ security rating and optimal performance settings.
Continue reading NGINX Hardening: Achieving A+ Security & PerformanceSecuring Email with MTA-STS and TLSRPT
What is MTA-STS (MTA Strict Transport Security)?
MTA-STS is a mechanism that enforces TLS encryption for your email communication. Think of it as HTTP Strict Transport Security (HSTS) for email. By instructing the sending mail server that a secure connection is mandatory, you can effectively mitigate or stop Man-in-the-Middle (MITM) attacks. The official abstract from the RFC puts it best:
Continue reading Securing Email with MTA-STS and TLSRPT