Security Archives - Canadian Web Hosting Blog

Wazuh: What Open-Source SIEM Security Monitoring Means for Your Business

Published May 28, 2026 by Alvin Chu · 6 min read

The Problem: Security Monitoring Is Expensive and Complex Customers ask us every week: “How do we monitor our servers for intrusions, vulnerabilities, and audit without …

Laptop, server, checklist, and red alert light representing server incident response

Your Server Is Compromised: A Step-by-Step Incident Response Guide

Published May 27, 2026 by Alvin Chu · 9 min read

Symptom: You Suspect Your Server Has Been Breached Something is wrong. Maybe your site is serving pop-up ads you never installed. Maybe outbound traffic spiked …

Colourful keys and padlocks representing SSH access hardening

Hardening SSH Access on Your VPS: A Complete Security Guide

Published May 27, 2026 by Alvin Chu · 7 min read

Every minute your VPS is online, automated bots are probing port 22, trying common usernames and passwords. SSH is your server’s front door — and …

Traditional and digital padlocks representing VPS security tools

9 Essential Security Tools for Your VPS (And Which Ones You Can Skip)

Published May 27, 2026 by CWH Staff · 10 min read

The Problem: Your New VPS Is a Sitting Duck You’ve just spun up a fresh VPS. You SSH in, run apt update, install Docker — …

Cloud server protected by a shield representing UFW firewall rules

UFW Firewall: A Practical Guide for Linux Servers

Published May 27, 2026 by Theodore Chu · 8 min read

“I Just Got My First VPS — What Do I Do First?” We hear this question almost every week. A new Canadian Web Hosting customer …

Vertical split composition: left side a medieval castle gate with warm torchlight, right side a modern glass security turnstile with biometric scanner and blue LEDs

Authelia vs Authentik: Choosing Your Self-Hosted SSO Provider

Published May 11, 2026 by Alvin Chu · 5 min read

The Problem: Too Many Apps, Too Many Logins If you manage more than two or three self-hosted applications — a wiki, a project management board, …

Split composition showing two different technical approaches side by side

Langflow CVSS 9.8 RCE Exploited in 20 Hours — Patch Before CISA’s April 8 Deadline

Published April 7, 2026 by Solo C. · 5 min read

On March 17, 2026, a critical remote code execution vulnerability was disclosed in Langflow, the popular open-source visual AI workflow builder with over 145,000 GitHub …

Tandoor Recipes Auth Bypass: How CVE-2026-33152 Lets Attackers Crack Passwords at Full Speed

Published April 6, 2026 by Alvin Chu · 5 min read

If you self-host Tandoor Recipes — the popular Django-based recipe manager with meal planning, shopping lists, and cookbook collections — you need to upgrade right …

A chain of interconnected automation nodes with six links snapped and glowing red against a dark cyberspace background with security indicators

n8n Under Siege: 6 Critical CVEs in Q1 2026 and How to Lock Down Your Instance

Published April 3, 2026 by Solo C. · 6 min read

Six CVEs in Three Months: n8n’s Worst Security Quarter Ever If you self-host n8n for workflow automation, stop what you’re doing and check your version …

A server rack with one glowing amber server unit being administered via terminal commands, four red security patch slips being inserted

NGINX Patches 4 CVEs Including Buffer Overflow RCE — How to Audit and Upgrade Your Server

Published April 1, 2026 by Solo C. · 6 min read

On March 24, 2026, NGINX released emergency patches for four security vulnerabilities affecting both NGINX Open Source and NGINX Plus. The worst of them — …