Our websites are constantly under attack from the outside world. The vast majority of these are done by robots, which try to discover the weak points of the websites running on the server. Some of the robots with this purpose try to do this by making various seemingly random HTTP requests to our websites, most of which are directed to non-existent URL addresses. As a result, our server responds with a 404 HTTP response code. In this description, we will look at how to ban the large number of attempts resulting in 404 and other 4xx HTTP response codes using Fail2Ban.

By using the HSTS header, we can make our websites more secure against man-in-the-middle attacks. In this short description, we will see how we can set this HTTP header in our Apache-based LAMP or ISPConfig server environment.

There are several ways to manage web servers and other servers remotely, of which SSH is the most common command line solution. The SSH protocol communicates over an encrypted channel between the server and the client. Like all similar communications, SSH transmits data through a specific port, which by default is the well-known tcp port 22. Since the function of this port is known to many people, it exposes the servers to regular attacks. This is usually avoided - or at least to reduce the number of attempts - by switching this well-known port to another, unknown port number, which can only be detected externally by port scanning, which is a more time-consuming task.
In this write-up, we will look at how to change SSH's well-known TCP port 22 to a unique port number to minimize the number of attack attempts via SSH.

UCW (Uncomplicated Firewall) is an easy-to-use netfilter firewall management program. It uses a command line interface that consists of a few simple commands and uses iptables for configuration, so it is the frontend of iptables. In this description we will look at the installation and basic use and configuration of the UFW firewall, the steps of which I will perform on a minimal Debian 11 server.

When we run websites, our server and the websites and services that run on it are often vulnerable to external attacks, and our MySQL / MariaDB database server is no exception. If the Fail2Ban protection software is also available on your server, this short description will show you how to make your server more secure against attacks on your "Access denied for user root @ ip address (using password: YES / NO)" database server.

ISPConfig uses a variety of protection systems to keep it secure, including IDS (Intrusion Detection System) technology. However, this setting may be too sensitive and disable us from the control panel as well. In this little troubleshooter, we'll see what we can do if our ISPConfig control panel doesn't allow us, but instead gets a "Possible attack detected. This action has been logged." error message.

With the help of LAMP systems, we can run dynamic web pages on our server or even on our home computer. I have previously built LAMP servers for Debian 8 (Jessie), Debian 9 (Stretch) and Ubuntu 18.04 LTS (Bionic Beaver), and in this description we will install the LAMP server components for the Ubuntu 20.04 LTS (Focal Fossa) Linux distribution.