Shane Hartman

Security

saslfail: Escalating Fail2ban Bans for Postfix SASL Authentication Attacks

Apr 14, 2026 in Code

Standard fail2ban bans just get waited out. saslfail uses escalating bans — 48 hours, 8 days, 32 days — backed by a persistent SQLite database that survives restarts and remembers

devops email-security fail2ban linux postfix security self-hosted

Hardening a WordPress Server in an Afternoon

Apr 12, 2026 in Security

Most WordPress hardening guides are bloated with solved problems. This is the version for self-hosters who want to spend an afternoon on what actually matters: permissions, auth, and server config.

apache devops fail2ban linux security wordpress

Parsing DMARC Reports with parsedmarc, Elasticsearch, and Kibana

Apr 10, 2026 in Security

Your domain is probably being spoofed right now. DMARC reports tell you exactly how — but they arrive as unreadable XML. parsedmarc, Elasticsearch, and Kibana turn them into something actionable.

dmarc docker elasticsearch email-security kibana parsedmarc self-hosted

Why Your Apache Cipher Suite Probably Has RC4 in It

Apr 9, 2026 in Security

If your Apache SSL config is a few years old, RC4 is probably still in it. Modern browsers skip it, but scanners flag it and it should go. Here's how

apache devops linux security ssl