Distributing Proxy PAC using GPO (Active Directory)

If your organization uses Active Directory and Internet Explorer, Google Chrome, Safari or Firefox, you can use the Active Directory Group Policy Object (GPO) feature to distribute the PAC file URL to all devices in your organization. Read More …

Configuring Let’s Encrypt TLS Certificates

Let’s Encrypt® has revolutionized the way to obtain, install and use TLS/SSL certificates for websites and other services. With its Read More …

Microsoft Active Directory Cached Credentials

On Microsoft Active Directory environments, Cached credentials allow a user to access machine resources when a domain controller is unavailable. After a successful domain logon, a form of the logon information is cached. Later, a user can log on to the computer by using the domain account, even if the domain controller that authenticated the user is unavailable. Because the user has already been authenticated, Read More …

Exchange Online – Preventing Domain Spoofing

In many business environments domain spoofing can be a real threat: this is a common form of phishing and usually occurs when an attacker appears to use a company’s domain to impersonate a company or one of its employees. Read More …

Windows 7 – Windows Server 2008 – Skip the KB4480970 Update (Bug)

The Windows 7 KB4480970 is one of those updates that will bring a lot of pain on multiple Windows 7 and Windows Server 2008 (and probably 2008 R2) systems. This is the first Patch Tuesday of 2019 and is all about security. Read More …

Internet Explorer 11 – SChannel – The internal error state is 10013

You may run into Schannel – The internal error state is 10013 message if your website fails establishing TLS connection and usually this could occur using Internet Explorer 11 to connect to modern websites or portals that are using TLS 1.2 or better protocols for encryption. Read More …

Nginx – Configuring Reverse Proxy

A reverse proxy is an in-the-middle proxy service which takes a client request, passes it on to one or more servers, and subsequently delivers the server’s response to the client: basically the communication will be only between the proxy and the client, there will be no direct traffic between these two endpoints. Read More …

Windows Server 2016 – Disable Internet Explorer Enhanced Security Configuration

In most Windows Server systems, Enhanced Security Configuration (IE ESC) is designed to protect a server from dangerous websites capable to infect system with malware. When this mode is enabled (it is by default) you will need to add each website you want to see to the Trusted Sites Zone to open all its content in IE. Read More …

Segment a LAN into VLANs

VLANs or virtual LANs, are a great tool to segment LANs without having to build a complex and costly network infrastructure. Even with only a unique switch you can build a network with multiple broadcast domains. Read More …