nftables has replaced iptables as the default firewall framework on most modern Linux systems. This practical guide covers the core structure, real rule examples, sets, NAT, rate limiting, and how to migrate from iptables to nftables cleanly.
Articles tagged: security
Cloudflare with Discourse: Setup Guide (WAF & Security Rules)
I run a Discourse forum behind Cloudflare, and getting the WAF rules right took more trial and error than I expected. Discourse is a Ruby on Rails application that most people self-host in a Docker container. It handles traffic differently from a typical CMS, and generic Cloudflare WAF rules will either break your forum or […]
30 Linux Sysadmin Tools You Didn’t Know You Needed
As a Linux server admin or Linux desktop user, you rely on familiar tools to manage your systems. But have you ever wondered what other tools might simplify your workflow, improve efficiency, and solve common Linux problems? Whether you’re looking into Linux system health, performance monitoring, security hardening, backups, or just general Linux administration, there […]
Linux Updates: Command Line Guide
Updating your Linux system is one of the most important things you can do to keep it secure, stable and running well. With updates, you can patch vulnerabilities, fix bugs and access new features. This article covers updating via the command line, automating updates for different distros, troubleshooting common issues and kernel updates to keep […]
Recommended Cloudflare Performance & Security Settings (Guide)
Cloudflare is a great tool for website performance and security. They have a whole suite of tools to help with performance and security and are a staple in millions of DevOps professionals’ toolboxes. But getting the most out of Cloudflare can be challenging. The platform has hundreds of settings and each one has its use […]
Securing Linux with SELinux (or AppArmor)
SELinux and AppArmor have been around for many years, but are still essential for maintaining a secure Linux environment. This article will cover how to set them up and troubleshoot these mandatory access control (MAC) frameworks. Even if they seem overwhelming at first, learning how they work and how to manage them is an important step […]
How to Keep ConfigServer Firewall (CSF) Running After the Shutdown
Update: CSF Project Status (January 2026) – Since the original publication of this article, there have been key developments in how ConfigServer Security & Firewall (CSF) is maintained following the shutdown of Way to the Web Ltd on August 31, 2025. The original CSF GitHub repository previously referenced in this article is no longer available and […]
Immutable Linux Distros: Are They Right for You? Take the Test.
Like the amber in “Jurassic Park,” immutable Linux distros safeguard the core system. Here’s a story about how I, like many of you, have been using Linux for a very long time. I’ve used most of the popular distros and have even seen some distros come and go over the years. I’ve run Arch, Ubuntu, […]
Ubuntu LTS Support Extended to 15 Years
If you’re like me and value a rock-solid Linux setup that you don’t have to reinstall every couple of years, you’ll appreciate this news. I recently wrote about switching my daily OS from Kali Linux Rolling to Ubuntu 24.04 LTS (with Ubuntu Pro’s ESM) specifically for its long-term support benefits. That move meant I could […]
Firewalla Gold Plus vs. Ubiquiti UDM Pro Max
In the market for a multi‑gigabit firewall/router, two names come up repeatedly: Firewalla Gold Plus and Ubiquiti Dream Machine Pro Max (UDM Pro Max). Both cost around $600 USD, sit at or near the top of their respective product lines, and promise enterprise‑class security for home labs, home offices, and small business networks. Despite serving […]
