Security

So you just deployed your kubernetes cluster and got the kubeconfig file to interact with it. What if you lose that file or want to share it only with trusted individuals? In this case, we can protect the kubeconfig file against OIDC authentication. Authentik is an open-source identity provider that can be integrated with an existing environment to enhance security through various authentication protocols. In this guide, we will see how to integrate Authentik OIDC with Google Kubernetes Engine (GKE) to add an extra layer of security for interacting with the cluster....

There are a lot of password management solutions out there but to me, it is always a good idea to manage passwords on-premises. By using bitwarden_rs, you can store all your secret info (password, note, two-factor authentication, credit card info) to your own server, even in your tiny raspberry pi . bitwarden_rs is an unofficial project of bitwarden which is written in Rust. The official self hosted bitwarden package needs minimum 2 GB ram in order to operate....

Fail2ban is an application which helps to protect your server from brute-force attack. It monitors the log file of the system and looks for the malicious activity. If malicious activity found like too many failed login attempts, it ban the IP address. It is an extremely helpful and must have application for a server. Few days ago one of my server has compromised. I checked the log and found out an astonishing number of brute-force attacks were going on:...

In OpenLiteSpeed web server, setting up a SSL certificate for a domain is a bit tricky. In this article I will show how to setup Cloudflare’s free SSL certificate for a domain name. Before we begin, make sure that your domain is using Cloudflare’s DNS. Getting certificate from Cloudflare Login to your Cloudflare dashboard and select your domain. Click on “Crypto” tab and within SSL settings, select “Full (strict)” Scroll down a bit and within “Origin Certificates” settings, click “Create Certificate” A pop up window will open....