Forem: Lance

Apache httpd-2.4 - Secured Configuration on Fedora

Lance — Thu, 20 Feb 2025 07:36:19 +0000

To configure a secured Apache HTTP/2.4 on Fedora, you need to install the Apache web server, enable the necessary modules like mod_ssl for SSL encryption and mod_http2 for HTTP/2 support, and then modify your Apache configuration file to specify the protocols and secure your virtual hosts with SSL certificates; essentially, enabling both HTTP/2 and HTTPS functionality on your Apache server.

Install Apache and necessary modules

Install Apache.

sudo dnf install httpd

Install SSL module.

sudo dnf install mod_ssl

Install HTTP/2 module.

sudo dnf install mod_http2

Enable modules in Apache configuration

Edit Apache configuration file.

sudo vi /etc/httpd/conf/httpd.conf

Load modules.

LoadModule ssl_module modules/mod_ssl.so
LoadModule http2_module modules/mod_http2.so

Configure virtual host for HTTPS

Create a new virtual host block for your domain:

<VirtualHost *:443>
    ServerName yourdomain.com
    DocumentRoot /var/www/html/yourdomain

    SSLCertificateFile /path/to/your/certificate.crt
    SSLCertificateKeyFile /path/to/your/private.key

    # Enable HTTP/2
    Protocols h2 http/1.1
</VirtualHost>

Replace yourdomain.com with your actual domain name.

Replace /path/to/your/certificate.crt and /path/to/your/private.key with the paths to your SSL certificate and private key respectively.

Restart Apache

sudo systemctl restart httpd

Important Considerations:

Obtain SSL certificates - You will need to obtain a valid SSL certificate from a trusted certificate authority (CA) to secure your website with HTTPS.
Firewall configuration - Ensure your firewall is configured to allow incoming connections on port 443 (HTTPS).
HTTP to HTTPS redirection - Consider using a rewrite rule to automatically redirect all HTTP requests to the HTTPS version of your website.

Why Zero-Day Vulnerabilities Are Exploding and How to Protect Your Business

Lance — Sun, 16 Feb 2025 14:59:20 +0000

Over the past few years, I've witnessed a dramatic surge in zero-day attacks—a trend that’s reshaping our approach to cybersecurity. Zero-day vulnerabilities, which are essentially unknown flaws in software, have become the go-to entry point for attackers. This explosion isn’t random; it stems from two key factors:

💻 Sophistication of Attackers

Today's cyber adversaries are not only better funded and more organized, but they're also constantly innovating. They’re leveraging advanced techniques to identify and exploit vulnerabilities before anyone else even knows they exist.

⚡ Speed of Technology Adoption

With businesses rapidly integrating new technologies—from cloud services to IoT devices—the window for patching vulnerabilities is shrinking. New systems often introduce unknown risks, leaving organizations exposed.

So, how can businesses minimize this risk?

Secure DevOps Practices (DevSecOps)

Embedding security into every stage of development helps catch potential vulnerabilities early. Regular code audits, automated testing, and continuous monitoring are essential to reduce the chances of a zero-day slipping through.

Leveraging Managed Detection and Response (MDR) Services

With MDR, you gain access to expert threat hunting and rapid incident response. These services are designed to detect unusual activities and mitigate threats—even those exploiting zero-day vulnerabilities—before they can wreak havoc.

Real-world case studies, such as recent breaches impacting major organizations, underscore the devastating aftermath when zero-day vulnerabilities are exploited. These incidents remind us that proactive defense is not just an IT issue—it’s a strategic business imperative.

Staying ahead means integrating security into your culture and operations. The evolving threat landscape demands we invest in our defenses as robustly as we invest in our growth.

Is Rust a Complex one ?

Lance — Sat, 22 Jul 2023 17:21:31 +0000

I have been working with Python, Golang, and JavaScript for more than 5 years, with C/C++ as slightly lesser. Each of the syntax, file structures, and even package management ecosystem (be it in existence or not), has largely been friendly to pickup as beginner coder. Myself as an example, is a self taught developer, using extensive Google, YouTube, and of-course, StackOverflow!

Recently, I have looked back into Rust, an programming language having complexity on-par, or even surpass that of C++, apart from cargo being the well controlled portion.

Nevertheless, the common concept of types, classes in conventional OOP, with functional methods and interface coding methodology are combined, with more granular controls in-built called macro, which added on each version update on rust core, has made it ever-harder to grasp fully.

This is my humble opinion on Rust, as of my current knowledge while learning it. Suggestion on learning methods on Rust are welcome and appreciated.

I will definitely keep this learning journey posted, that is if I ever climb up this rabbit hole.

Cheers!