Written on 1. August 2023

Basic Security on Debian Server

One of my favorite server systems is Debian. After installing a Debian server system, there are a few security measures I always take as a first step.

Before we dive in, I want to make it clear that this article is not meant to be an exhaustive guide to Debian server security. These are just the initial steps I take to secure a new Debian server. Security is a vast and complex field, and it’s crucial to continually learn, adapt, and fortify your systems as best as you can. With that said, let’s get started!

Install Uncomplicated Firewall (ufw)

Uncomplicated Firewall, or ufw, is an interface to iptables that is geared towards simplifying the process of configuring a firewall.

Read more…
Written on 14. January 2023

Apache2 as reverse proxy with ModSecurity and OWASP Ruleset on Debian

Here I will describe as mentioned in article https://stangneth.com/2022/12/27/nginx-as-reverse-proxy-with-waf-modsecurity-on-debian/ how to install a reverse proxy with WAF based on Apache2.


To install Apache2 on Debian, use the following command:

apt install apache2 -y

Next, we need to enable the necessary modules. We will be using the proxy and proxy_http modules to configure reverse proxy functionality and the headers module to add custom headers to the proxied traffic:

Read more…
Written on 27. December 2022

NGINX as reverse proxy with ModSecurity and OWASP Ruleset on Debian

I have divided my home network into three separate areas: a datacenter, a DMZ (demilitarized zone), and an internal client network. To prevent my clients from having direct access to the datacenter, I have set up an NGINX reverse proxy in the DMZ. This allows both clients within the network and those from the WAN (wide area network) to connect. It is great to be able to secure all sites with a Let’s Encrypt certificate.

In the coming days, I plan to publish an article on configuring Apache2 as a reverse proxy with ModSecurity and the OWASP ruleset.


To install NGINX and Certbot from the default repository on a debian-based operating system, you can use the package manager apt:

apt update 
apt install nginx certbot python3-certbot-nginx
Read more…