This article focuses on providing security and isolation on a FreeBSD 12 web server hosting numerous websites. We use php-fpm and nginx to host many website, each under its own user process which can be contained by the system. The approach was inspired by the DigitalOcean article on the same topic but written for Linux […]
I wanted postfix on my server to send mail through Gmail so messages don’t get market as spam. Rather than setup all the interesting mail security options on my server and within my mail domain, I’d rather leave all that to the experts at Google. The best article I found on the subject shows exactly […]
Use cloud block storage on OCI (Oracle Cloud Infrastructure) with FreeBSD, just like it’s done on Linux and Windows compute instances, and optionally leverage ZFS for simple management, cloning, encryption, redundancy, and more. Disclaimer: at the time of writing, I work for Oracle. I wrote this article for fun on my free time. FreeBSD isn’t […]
This is just an example configuration for pf on FreeBSD with two or more jails. We require private jail networking using NAT and RDR (redirect). Some of the lines below wrap on smaller screens so I’ve included extra spaces between the rdr entries to make them easier to read: ext_if=”em0″ sshd_port=”45678″ web=”192.168.0.1″ db=”192.168.0.2″ scrub in […]
This short article describes how to create a custom image for a server that can be deployed as a “private image” on OCI Classic (formerly known as OPC, or Oracle Public Cloud). This is not really security-related but may still be helpful for someone. The first step is to use Oracle’s free VirtualBox virtualization app […]
It’s important to keep computer systems updated and this process should be as simple as possible to stay safe and secure. A server that runs web applications should be simple to build, easy to patch, update and upgrade, and it should have a great manual. Then being able to monitor problems remotely and be alerted […]
The purpose of this article is to make it easy for WordPress and its 3rd party SFTP plugin to work on a FreeBSD host where the website and web server daemon runs within a jail, but the sshd daemon runs on the host thereby causing problems that prevent the WordPress SFTP plugin from working properly. In […]
You don’t need tools like MySQLAdmin when basic tasks like creating and deleting databases, adding users and adjusting permissions can easily be done from the command line. I run these commands on a FreeBSD system and is likely the same on Linux, Windows, and other systems. Basic tasks Log into mysql: #mysql –u root –p […]
