Loading...
Loading...
Found 44 Skills
Manage B2C Commerce eCDN (embedded Content Delivery Network / edge CDN, powered by Cloudflare) settings with the b2c CLI. Use for CDN zone management, cache purging, SSL certificate provisioning, WAF rules, firewall rules, rate limiting, logpush, Page Shield, MRT routing, mTLS, cipher suites, origin headers, and speed optimization.
This skill covers designing and implementing security zones and conduits for industrial automation and control systems (IACS) per IEC 62443-3-2. It addresses zone partitioning based on risk assessment, assigning Security Level targets (SL-T), designing conduit security controls, implementing microsegmentation with industrial firewalls, and validating zone architecture through traffic analysis and penetration testing against the Purdue Reference Model.
WAF bypass methodology and generic evasion techniques. Use when a web application firewall blocks injection payloads (SQLi, XSS, RCE) and you need to craft bypasses using encoding, protocol-level tricks, or WAF-specific weaknesses.
Create security architecture diagrams using PlantUML syntax with identity, encryption, firewall, and compliance stencil icons. Best for IAM flows, zero-trust architectures, encryption pipelines, compliance auditing, and threat detection. NOT for general cloud infra (use cloud skill) or simple flowcharts (use mermaid).
Linux (Ubuntu/Debian) server initial setup and ongoing administration skill. Covers new server hardening, user management, package management, file permissions, resource limits, log rotation, cron scheduling, and disk management. USE WHEN: - Performing initial setup of a fresh Ubuntu/Debian server (VPS, bare metal, cloud VM) - Hardening SSH, disabling root login, configuring sudo - Configuring system-level resource limits (ulimits, sysctl) for high-concurrency workloads - Managing users, groups, file permissions, and ACLs - Setting up log rotation, journald retention, swap, and NTP - Troubleshooting disk full, FD exhaustion, locale errors, or time drift DO NOT USE FOR: - Container-level administration (use docker or kubernetes skill) - Application deployment pipelines (use deployment-strategies or ci-cd skill) - Firewall/fail2ban configuration (use firewall skill) - Nginx or service configuration (use nginx or systemd skill)
Install and configure fail2ban on VPS servers to automatically ban IP addresses that show malicious signs like too many password failures, seeking exploits, or brute-force attacks.
防火墙配置
Query and analyze Alibaba Cloud public network exposure, identify unnecessary exposed assets and ports, assess exposure risks, and generate remediation recommendations. Triggers when user mentions public network exposure, exposed assets, exposed ports, public IP security, port scan results, attack surface analysis, internet reachability, high-risk port detection. Also triggers when user asks about "which IPs/ports are exposed to the internet", "public asset inventory", "security baseline check", even without explicitly saying "exposure".