software SSL Termination for Milestone XProtect using NGINX I recently began receiving warnings on the Milestone Mobile app stating that support for self-signed SSL certificates would soon be ending. I decided that the easiest solution would be to reverse proxy Milestone...
networking iptables Rules for CloudFlare IP Ranges Minimize the risk of DDoS attacks by only allowing CloudFlare's networks to access your web server directly.
software Advanced Email Server Configuration on Milestone XProtect Essential+ If you're using the free version of Milestone XProtect Essential+, you'll find that the built-in email settings are somewhat limited. In my case, I needed to configure email settings for SendGrid. Here's how to do it.
linux Quickly Enable root SSH Key Authentication Many VPS providers will enable SSH root password authentication by default. So one of the first things I like to do is install my public key and prohibit password authentication for the root account.
networking Managing Custom iptables Rules on a Debian Docker Host Docker relies on its own iptables chains and forwarding/NAT rules for container networking to work properly. My firewall loader script would break Docker networking every time iptables-restore was called, because it completely wiped out existing Docker rules.
