Security

Welcome to the Security section of PHP Systems Blog. Here, I explore practical ways to protect your systems, data, and privacy - covering everything from server hardening and password management to encryption, backups, and threat detection. My focus is on real-world, actionable steps you can take to secure your technology without overcomplicating it.

Using Kestra to update my proxmox IPSet

I've been using Kestra for a while now to automate some of the more mundane tasks around my network. One of these tasks is keeping the firewall up to date. This blog sits behind cloudflare, and as such, only cloudflare needs to access it. All other sources should be be denied (except internally).

Updating docker hosts with Kestra

Patching is a balancing act. There are some who say you shouldn't if it works, others who say you should, but stay a certain about of time behind and those that think that bleed edge is the way to stay protected.

Smart doorbell failure #2?

Following on from my failure to detect my doorbell button being pushed, I considered a few different alternatives solutions. The first solution to spring to mind was to use a zigbee button.

Security Through Marketing?

Need extra sponsors to drive your email security program? Want to see your logo in certain mail clients like gmail? If so, then you need BIMI.

Deploying vault via docker and ansible

Adding to my in-promptu series on automating docker containers with ansible, this time I'm looking at Hashicorp's Vault. This is slightly different, in that it required a binary to be installed on the ansible controller (a raspberry pi). Once vault is deployed, we need to unseal the containter.

Monitoring DMARC with Docker

In this post, I deploy a docker container via docker compose and ansible to read my dmarc reports.

Wireless doorbell hacking

I bought a wireless doorbell from B&M and the doorbell works great. I have always been interested in decoding radio, so this gave me a chance to try this out. My end goal here is to be able to press the doorbell and have home assistant act on the button press.

Gitlab pipelines

As a later post will show, I've been using gitlab pipelines to validate some of my code for me. As a security conscious person, I've been interested in building security in to pipelines.

The laziest talk I've ever done.

Tonight, when this post goes live, I'll be presenting my laziest talk ever. It is entitled "Security horror stories". I can't share any of the content, but I can share how it came to be.

About the author

Tim Wilkes is a UK-based security architect with over 15 years of experience in electronics, Linux, and Unix systems administration. Since 2021, he's been designing secure systems for a telecom company while indulging his passions for programming, automation, and 3D printing. Tim shares his projects, tinkering adventures, and tech insights here - partly as a personal log, and partly in the hopes that others will find them useful.

Want to connect or follow along?

LinkedIn: [phpsytems]
Twitter / X: [@timmehwimmy]
Mastodon: [@timmehwimmy@infosec.exchange]

If you've found a post helpful, consider supporting the blog - it's a part-time passion that your support helps keep alive.