Making sure software is kept up to date is very important. Especially when it comes to security updates. Unattended-upgrades is a package for Ubuntu and Debian based systems that can be configured to update the system automatically. We’ve already discussed manual patching vs auto patching, most of this post will assume you’d like to set-up […]
On 31st May 2018, Debian 7 “Wheezy” reaches end of life (EOL). We recommend that you update to Debian 9 “Stretch”. Over time technology and security evolves, new bugs are fixed and new threats prevented, so in order to maintain a secure infrastructure it is important to keep all software and systems up to date. […]
As you may have seen in previous blog posts, we have a Warboard in our office which shows the current status of the servers we manage. Most of our customers are using our new alerting stack, but some have their own monitoring solutions which we want to integrate with. One of these was Prometheus. This […]
From 15 Mar 2018 Google Chrome will start distrusting Symantec SSL Certificates. What is happening and why? Over the past few years various concerns have been raised regarding Symantec’s process for issuing and revoking SSL certificates. As a result Google Chrome have announced that they will be distrusting SSL certificates issued by Symantec. It is […]
Shellshock is a bug in the bash shell. The main issue comes from the fact that commands can be executed if they are crafted into environment variables. This means anyone who can send a user agent to Apache can run commands as the user running Apache. Am I affected? You can test if your server […]