Create a Custom Mount Point with Noexec on Debian

Lets say we want to create a new mount point /test with flag “noexec” but we cannot create a new partition because, for example, we are using a VPS. How can we do that? Simple, we can create a file, make it an ext4 file system, mount it with “noexec” flag, and edit /etc/fstab to […]

How to Secure /tmp and /var/tmp on your VPS

It is very important to disable scripts execution on /tmp and /var/tmp. This way an attacker would not be able (at least not that easily) to become root by executing local root exploits or other bash scripts. We will use the flag “noexec” to disable execution of bash scripts on temp folders. * This guide […]

IP anonymization with analytics.js – Google Analytics

You can anonymize user’s IP with analytics.js Google Analytics like this: (function(i,s,o,g,r,a,m){i[‘GoogleAnalyticsObject’]=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,’script’,’//www.google-analytics.com/analytics.js’,’ga’); ga(‘create’, ‘GA_TRACKING_ID’, ‘auto’); ga(‘send’, ‘pageview’); ga(‘set’, ‘anonymizeIp’, true); </script> (function(i,s,o,g,r,a,m){i[‘GoogleAnalyticsObject’]=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,’script’,’//www.google-analytics.com/analytics.js’,’ga’); ga(‘create’, ‘GA_TRACKING_ID’, ‘auto’); ga(‘send’, ‘pageview’); ga(‘set’, ‘anonymizeIp’, true); </script> This code indicates the user’s IP is anonymized: ga(‘set’, ‘anonymizeIp’, true);ga(‘set’, ‘anonymizeIp’, true); Make sure to […]

IP anonymization with gtag.js – Google Analytics

You can anonymize user’s IP with Global site tag (gtag.js) like this: <!– Global site tag (gtag.js) – Google Analytics –> <script async src="https://www.googletagmanager.com/gtag/js?id=GA_TRACKING_ID"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag(‘js’, new Date());   gtag(‘config’, ‘GA_TRACKING_ID’, { ‘anonymize_ip’: true }); </script><!– Global site tag (gtag.js) – Google Analytics –> <script async src="https://www.googletagmanager.com/gtag/js?id=GA_TRACKING_ID"></script> <script> […]

Lets Encrypt certificate failed to renew

On a VPS I noticed that Lets Encrypt certificate failed to automatically renew correctly. After some research, I noticed that this issue was caused due to the certbot/letsencrypt script that didn’t execute the “post-hook” code (to reload the web server) after the certificate was renewed. Infact the certificate was renewed according to letsencrypt logs: Saving […]

Renew an expired Lets Encrypt / Certbot certificate

Yes it is possible to renew expired Lets Encrypt / Certbot certificate. First try to run the “-renew” command like this: certbot renew or letsencrypt renewcertbot renew or letsencrypt renew Then make sure to restart/reload your web server: /etc/init.d/nginx reload or /etc/init.d/nginx restart/etc/init.d/nginx reload or /etc/init.d/nginx restart That’s all.

GDPR Recommendations for AdSense Publishers

Some recommendations to be GDPR-compliant with AdSense: 1) Write a link to Google Privacy policy in your cookie banner/privacy policy: https://policies.google.com/technologies/partner-siteshttps://policies.google.com/technologies/partner-sites 2) Stop personalized ads for European EU traffic on AdSense: 3) Create a proper privacy policy page 4) Write on the privacy policy that personalized ads are disabled 5) Use a cookie banner script […]

Set BitLocker to use Alpanumeric and Symbols on PIN

How to set BitLocker to use alpanumeric and symbols on PIN? 1) Modify BitLocker policy via GPEdit Open gpedit.msc and browse to: Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Bitlocker Drive Encryption > Operating System Drives > BitLocker Drive Encryption > Operating System Drives On the right-panel, double-click on […]

Enable BitLocker to Prompt for Password (not PIN) on Startup

How to enable BitLocker to ask for a password when the PC is booted/startup? 1) Open cmd.exe as Administrator 2) Remove TPM-only protector manage-bde.exe -protectors -delete c: -type TPMmanage-bde.exe -protectors -delete c: -type TPM 3) Add Password protector: manage-bde.exe -protectors -add c: -Passwordmanage-bde.exe -protectors -add c: -Password * You will be asked to enter the […]