DEV Community: ajinm98

Unlocking Cloudflare's Threat Score: Enhance Your Security Without Upgrading Your Plan

ajinm98 — Wed, 10 Apr 2024 10:45:08 +0000

Cloudflare assigns a threat score to each request that is proxied through its services. This threat score ranges from 0, indicating no risk, to 100, signaling a high risk. The score classifies the IP reputation of a visitor based on several factors, including data from Project Honeypot, external public IP information, and internal threat intelligence derived from WAF managed rules and DDoS mitigation efforts.
However, users on the Basic or Pro plans do not have direct access to the threat scores of their traffic, nor can they create rules based on these scores. But there's a workaround that allows you to access this risk score and utilize it to create rules within your application.
The key is to create a Transform Rule that modifies the request header. By doing this, you can get the risk score information and make rules/decisions to enhance your application's security.

Please follow the steps below:

Go to transform rules
Select Modify Header request
Set a dynamic header with value 'cf.threat_score' That's it now you will get threat score for each request using the dynamic header name

Total data transfer of Individual sites from access log

ajinm98 — Fri, 19 Aug 2022 19:08:35 +0000

Command - cat /website/access.log | awk 'BEGIN{sum=0} {sum=sum+$10} END {print sum}'

Swiss army knife of Linux

ajinm98 — Tue, 05 Jul 2022 19:00:52 +0000

BusyBox - The Swiss Army Knife of Embedded Linux

BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides minimalist replacements for most of the utilities

Here is how to launch a simple web server using busybox on port 8080, just run

busybox httpd -f -p 8080

https://manpages.ubuntu.com/manpages/trusty/man1/busybox.1.html#:~:text=BusyBox%20combines%20tiny%20versions%20of,%2C%20util%2Dlinux%2C%20etc. refer for more info

Why do we use port 8080 for http in some webservers?

ajinm98 — Sun, 03 Jul 2022 15:35:37 +0000

The reason is that
listening on any port less than 1024 requires root user privileges. This is a security risk,
because any attacker who manages to compromise your server would get root privileges too.

Convert virtualisation of your EC2 from PV to HVM

ajinm98 — Fri, 24 Jun 2022 18:35:55 +0000

I recently came across a script which will enable us to convert the virtulization of our instance from ParaVirtual to HVM

https://gist.github.com/comeara/e06bdf2666923a810e58507ee6833988
Check out this script!!!

How to install latest version of packages on Amazon Linux 1

ajinm98 — Mon, 06 Jun 2022 19:20:52 +0000

As we all know that Amazon linux 1 support is no linger available ,hence some of the latest packages are not available for the same,I faced this issue while installing nrpe v 4.0.0 for nagios, The supported version for amazon linux was only 2.3
But I was able to install nrpe 4.0.0 package on my instance my changing the "OS" value in /etc/release file from "Amazon Linux 1" to "Cent OS" .

Since both are Red Hat based, most of the packages might work using this trick

MYSQL DUMP showing error in parsing data

ajinm98 — Mon, 06 Jun 2022 19:16:14 +0000

Can be solved by adding this to your query

mysqldump --column-statistics=0

Word-Press plugin issue where FTP creds are asked and Connection Issue is shown

ajinm98 — Mon, 06 Jun 2022 19:14:53 +0000

Add this to your wp-config.php file to solve the issue

define('FS_METHOD', 'direct');