Technology

Technology implementations and how-to’s

Change WordPress Admin Login URL

I’m long overdue for improving my WordPress website security. With that said, I’m embarking on a journey to enhance my site security. Security implementation #1 is to protect my site against brute force attack . A brute force attack is when a hacker attempts to try various permutations and combinations of usernames and passwords to get inside of your WordPress blog. All WordPress websites have a common admin URL in the form of www.domain.com/wp-admin. Knowing this common URL makes it easy for a hacker to get started with brute force attack. Ok, enough blabbing … let’s get to work (follow my Github project for securing WordPress to see new implementations)

Continue reading…

Configuring Ansible To Manage A Windows Host Using WinRM

I recently setup Ansible to communicate with a Windows host. Unlike NIX-based hosts (Linux/Unix), which use SSH by default, Windows hosts are not a good fit for SSH configuration with Ansible. As per the Ansible documentation, “use this (SSH with Windows) feature at your own risk! Using SSH with Windows is experimental, the implementation may make backwards incompatible changes in feature releases. The server side components can be unreliable depending on the version that is installed”. So instead, I choose the WinRM setup. Here’s how I did it.

Continue reading…

An Easy Approach To Oracle Database Security Assessment

Performing routine holistic database health checks is a must – good database administrators do more than just keep their database up to PAR . I perform these health checks on a quarterly basis to analyze database capacity/resource utilization, availability, performance, and security. Oracle Database Security Assessment Tool (DBSAT) just made my life alot easier and my health checks more effective. DBSAT is a command line tool focused on identifying how securely the database is configured, who are the users and what are their entitlements, what security policies and controls are in place, and where sensitive data resides with the goal of promoting successful approaches to mitigate potential security risks. DBSAT is a lightweight utility that will not impair system performance in a measurable way.

Continue reading…

Understanding EC2 Status Checks

I recently had a student ask me “what’s up with 2/2 checks passed” message on EC2 dashboard of AWS console. Great question, here’s the answer. Elastic Compute Cloud (EC2) is a virtual server offering in Amazon Web Services (AWS). Each EC2 server is known as an instance. An EC2 instance goes through two status checks at startup, then continuously performed every minute afterwards. The automated status checks allow engineers to quickly determine whether Amazon EC2 has detected any problems that might prevent the EC2 instance from running properly. The two status checks are known as a system check and a instance check. There’s a “Status Check” tab for each EC2 instance – you can access it by simply selecting the instance -> navigating to the details -> selecting status check tab. You can also refer to the image below for an example.

Continue reading…

Keeping Your Database Up To PAR Isn’t Enough In 2019

Ensuring the database is up to PAR (Performance, Availability, Recoverability) has long been the focus of database administrators everywhere. Although this is still true, it is no longer an accurate depiction of the full scope of a DBA’s responsibilities. Modern businesses operate as online data driven machines. The demand and value placed on data, coupled with the current cyber security concerns means that database administrators have to redefine their focus. This blog is intended for DBA’s looking to a add value in a modern IT world. I will mention technology implementations specific to Oracle databases, however the concepts mentioned in this blog post are applicable to any database platform.

Continue reading…

Flashback An Oracle Data Guard Database

Logical mistake, end of testing cycle, need to rollback database to a previous state? RMAN restore can help, however there’s an easier way: we can address these scenarios with the Flashback technique. In the case of a standalone Oracle database, there is nothing special to take into account when performing flashback. However, performing flashback of a Data Guard environment needs special treatment of the Standby Database to ensure data consistency. This article will show you how to do that:

Continue reading…