F5 BIGIP – DNS and IP Intelligence

Posted Leave a commentPosted in Security Stuffs

F5 has a nice threat feed called IP Intelligence.  It’s really great for keeping “bad” folks from initiating communications TO your F5.  I wanted to use it to keep me from doing something stupid. You know, like handing over my etrade credentials to a known Phishing site or something.  Given that there isn’t a “Stop me from being stupid” button anywhere in the management interface, I had to create my own. In this instance, I wanted a caching DNS resolver that my home network would use exclusively.  As DNS responses would come […]

Verizon X-UIDH HTTP Header Insertion

Posted Posted in Security Stuffs

If you pay attention to what happens in the security landscape at all, you’ve probably seen between 100 to 1000 articles on this specific issue already.  Just in case you’ve missed the coverage, I’ll provide a couple of links for you: Wired – Verizons Perma-Cookie Security Affairs – Verizon Wireless Tracks it’s Clients EFF – Verizon Injects Perma-cookies to Track Users TLDR:  Verizon is rewriting customer HTTP requests to include a X-UIDH tracking header Great.  You’re caught up now.   Since I run a website that sees 10’s of visitors per month, […]

Moving WordPress to SSL Only

Posted Posted in Security Stuffs

I moved my WordPress site to SSL only today..  Very straight forward process as it turns out.  The WordPress Codex pointed me towards the changes required in the application itself.  In your wp-config.php just throw in the following lines: define(‘FORCE_SSL_ADMIN’, true); if ($_SERVER[‘HTTP_X_FORWARDED_PROTO’] == ‘https’) $_SERVER[‘HTTPS’]=’on’; This small piece of configuration tells the system to force all administrative things over SSL.  It also tells the system to look for a X_FORWARDED_PROTO header.  If that value contains https, then use SSL. Since I have a BIG-IP in front of my WordPress instance, we’ll […]