Mod_security rules for Dokuwiki and Nextcloud

Mod_security is a great tool for security websites. I submitted some rulesets for Dokuwiki (here) and Nextcloud/Owncloud (here), and they were merged into the rules, so people can activate them, rather than have to write their own for those platforms.

Status: Archived


wptool is a tool used to edit, manage, fix, and otherwise take care of WordPress sites. You can read more about it and get it here.

Status: Archived

Dokuwiki Secure Login

This plugin (code here) encrypts submitted login passwords during transit, giving Dokuwiki sites an extra layer of security. It uses Tom Wu’s implementation of RSA algorithm in JavaScript on the client to encrypt the password with the servers public key. The passwords are sent encrypted over HTTP. Man-in-the-middle attacks are prevented by using a variable token (salt) added to the password before encrypting. Therefore, replay attacks don’t work.

In short, it takes this:


And will encrypt the login password and submit it as:


Status: Archived