Technical Blog

Rule Exclusion Script on Steroids

The ModSecurity / OWASP Core Rule Set tutorials here at are visited by over 8,000 times a month. With many of the unique visitors, the auxiliary script modsec-rulereport.rb is a favorite. The tool allows you to generate rule exclusions based on a ModSecurity rule alert message. Today, I’m presenting you a new version of […]

The risks and merits of automation

Today morning a customer decided to deploy a new /etc/ntp.conf configuration file, using his own automation software. His approach was somewhat more aggressive than desired, so he broke NTP on 30+ servers, leading to an alert flood. Using an Ansible role, I was able to re-install the correct ntp.conf and restore this important service within […]

Redundant PostgreSQL connection in Django

Let’s assume you have a redundant cluster of PostgreSQL servers, eg built with repmgr, and you want your Django application to benefit from this redundancy. As of Django 3.1, this is not really documented, but some easy steps gets you there, if you are using recent versions of PostgreSQL, psycopg2, Django and Python. First of […]

Cisco Prime 3.x fills up /var

Symptom : Prime 3.7 won’t start. Reason : /var is full, as /var/log/wtmp fills up quickly : sudo -i ls -l /var/log/wtmp ade # utmpdump /var/log/wtmp | more [5] [06834] [tyS0] [ ] [ttyS0] [ ] [] [Tue Feb 04 21:30:45 2020 CET] [5] [06835] [tyS1] [ ] [ttyS1] [ ] [] [Tue Feb 04 […]

/var usage