Enable AWS MFA Using Google Authenticator

In this article we explain how to enable multi-factor authentication (MFA) on an AWS Identity and Access Management (IAM) account using the Google Authenticator virtual MFA application. We first describe the different types of MFA device (physical vs. virtual) and explain where and why each should be used. We then provide a how-to showing how to enable Google Authenticator on a user account so that the user is forced to use MFA to log in to the AWS Management Console.

AWS S3 Security – Immutable S3 Buckets

In this article we show how you can enhance AWS S3 security by creating an immutable S3 bucket using cross-account access. First we explain the concept of an immutable S3 bucket, then go on to demonstrate how one can be created and used. We then show that the bucket is immutable from the point of view of the account using it by demonstrating how the account could be compromised. Finally, we demonstrate what could have happened if the bucket had not been created immutable, i.e. what would happen in a normal situation.

Using AWS WAF to Secure WordPress Login

In this article we explain how one can use AWS WAF to protect the WordPress login pages. We walk through a practical example of how this can be achieved by creating a web access control list (web ACL) and applying a rule to it that contains one or more match conditions. We then go on to show how this rule can be tested before deploying it to a live environment. Finally, we show how to create a custom error page that is in keeping with your website theme. The example used in this post can easily be applied to other content management systems and websites.
