Security

Database security: Why should you review yours?

Ah database security… the black sheep of topics and something you would really rather not have to deal with right?
I mean surely all the fanfare and paranoia is reserved for the neck beards with tinfoil hats whom live in their own D.I.Y Faraday cage … that must be it … it just has to […]

Read more

Hardening your Cacti setup

If you are using Percona Monitoring Plugins for Cacti, this article should be important to you.
By default, the Cacti setup is closed from accessing from Web. Here is an excerpt from /etc/httpd/conf.d/cacti.conf:

Shell

# httpd 2.4
Require host localhost

# httpd 2.2
Order deny,allow
Deny from all
Allow from localhost

1234567

# httpd 2.4 Require host localhost  # httpd 2.2 Order deny,allow Deny from all Allow from localhost

In […]

Read more

MySQL encryption performance, revisited

This is part two on a two-part series on the performance implications of in-flight data encryption with MySQL. In the first part, I focused specifically on the impact of using MySQL’s built-in SSL support with some rather surprising results. Certainly it was expected that query throughput would be lower with SSL than without, but […]

Read more