Christian Folini
Welcome to my website. I am a Swiss webserver engineer and security consultant working at netnea.com. I studied History and Computer Science and graduated with a PhD in Medieval History in 2004. I continue this interest with my commitment to the Company of St. George, a medieval reenactment group, which I run together with European friends.
On this website, you will find links to my work in information technology and also texts and publications around history. Outside of that, there are also two or three items about me.
I hold an LPIC-3 certification from the Linux Professional Institute and I have been specialised in Apache Security for more than ten years now. In 2006, I started to work with ModSecurity. I am an active contributor / committer of the OWASP ModSecurity Core Rules project. If you are looking to hire a contractor in this field, then please get in touch.
Publications on webservers and security
- German Tutorial showing options for visualisation of logfiles in the shell with the help of gnuplot (12/Feb/2016).
- Blogpost proposing the mechanics of a new OWASP ModSecurity Core Rules Paranoia Mode (04/Feb/2016).
- German Tutorial presenting an efficient workflow for apache configuration in multiple terminals (29/Jan/2016).
- Blogpost covering the over most frequent OWASP ModSecurity Core Rules false positives (17/Jan/2016).
- OWASP ModSecurity Core Rules: Comparing 2.2.x and 3.0.0-dev. A blogpost that compares the next version of the core rules to the former release (19/Dec/2015).
- German Tutorial explaining the various configuration options of an apache reverse proxy (12/Dec/2015).
- Don’t let 981172 and 981173 disappear from the Core Rules! A blogpost lobbying for two individual core rules, bound to be removed from the OWASP ModSecurity Core Rules Set (25/Nov/2015).
- German Tutorial about OWASP ModSecurity Core Rules tuning (17/Nov/2015).
- Cyber Risks Switzerland 2015 conference organised by MELANI in Bern. A blog post reporting about the event. (05/Nov/2015).
- SIGS Talk in Berne, about Practical ModSecuriy Tuning. An “After Work Event” of the Security Interest Group Switzerland with my talk as main topic. (10/Mar/2015).
- Cyber Risks Switzerland 2014 conference organised by MELANI in Bern. A blog post reporting about the event. (22/Nov/2014).
- Malware Workshop focusing on live traffic inspection and adjacent topics. A blog post about a workshop I hosted. (18/Nov/2014).
- Summary of OWASP Talk in Zurich covering core topics and the discussion. A blog post about my presentation. (18/Nov/2014).
- OWASP Talk in Zurich presenting advanced ModSecurity concepts. A standard OWASP Chapter meeting with my talk as main topic. (12/Nov/2014).
- German Report about a Cybersecurity workshop at the Swiss Federal Office for Civil Protection (Bundesamt für Bevölkerungsschutz). The second national Swiss Cyberattack Workshop examining a DDoS attack on national infrastructures (2/Sep/2014).
- Big Data - Eine Einführung. A German introductory speech on Big Data at an evening conference of Swiss Privacy Advocates. (06/May/2014).
- German Tutorial with a step by step guide to integrate the OWASP ModSecurity Core Rules (13/Aug/2013).
- German Tutorial explaining the integration of ModSecurity into the Apache webserver configuration (03/Jul/2013).
- 1 + 2 Backup Procedure is a simple backup method that works for people without technical background (11/Jun/2013).
- German Report about a Cybersecurity workshop at the Swiss Federal Office for Civil Protection (Bundesamt für Bevölkerungsschutz). The first national Swiss Cyberattack Workshop examining a DDoS attack on national infrastructures (14/Oct/2012).
- German Tutorial explaining how to extend the Apache access log in a useful way. A German step by step guide (5/Feb/2012).
- Video about practical defense against application layer DDoS attacks: “Sniping Slowloris and Friends”. The video was taken at Swiss Hashdays Conference October 2011 (27/Jan/2012).
- Video about defense concepts against application layer DDoS: “Hunting Slowloris and Friends”. The video was taken at Swiss Cyberstorm Conference May 2011 (23/Juni/2011).
- German Tutorial about simple and effective ssl/tls configuration on apache. A German step by step guide (21/Jan/2012).
- Flying-Frog Script. A ruby network monitoring script that is able to detect slowloris / request delaying attacks (15/Oct/2011).
- German Tutorial about the setup of a php application server in an external fast-cgi-daemon. A German step by step guide (11/Oct/2010).
- German Tutorial about minimalistic Apache configuration without sacrificing security. A German step by step guide (6/Nov/2010).
- German Tutorial on apache compilation. A German step by step guide (21/Oct/2010).
- Sein Kampf für das Teilen. A German article in the Bernese magazine Unilink about a visit of Richard Stallman (April/2010).
- Linux Weekly News Article on Slowloris. This is an article explaining slowloris type / request delaying DoS attacks on the application layer (24/Juni/2009).
- OWASP Europe Training Files about ModSecurity. A one day training I gave at OWASP Europe in Kraków (May/2009).
- Presentation at OWASP Europe about REMO, a positive Rule Editor for ModSecurity. A graphical user interface and rules generator with a whitelisting / positive approach. (May/2008).
- REMO - The Rule Editor for ModSecurity. A graphical user interface and rules generator with a whitelisting / positive approach. (2007/2008).
- How2Forge Article - Introducing REMO - An Easy Way to Secure an Insecure Online Application with ModSecurity. (6/Jun/2007).
- Tutorial about graphical visualisation of logfiles with graphviz. A very simple introduction (Jun/2006).
- Article on database design in historical research. History and Computing Volume 12 (2000).
Publications in the historical field
- German opinion piece about producing your reenactment equipment yourself. Miroque Edition 6 : I/2013 (15/Apr/2013).
- The Ursula Shrine Linnen Armour (Padded Jack Series I) is a blogpost about the recreation of a historical piece of textile armour. On the Company of St. George website (Apr/2013).
- German interview with me about the Company of St. George. Karfunkel Combat 9 (12/Mar/2013).
- Video of a book presentation I participated in Nishny Novorod, Russia.
The book presented is the first Russian book on the medieval history of Switzerland (23/Sep/2012). - News program on Swiss TV interviewing me briefly. With the Company of St. George (19/Jul/2012).
- Blogpost about a juridical trial in a historical reenactment setting. On the Company of St. George website (Jul/2012).
- Blogpost about the upcoming reenactment event in Lenzburg, Switzerland. On the Company of St. George website (30/May/2012).
- Johannes Kummer (+1444). An article in the Historical Dictionary of Switzerland about an Abbot of Engelberg (6/Nov/2011).
- Blogpost about the way how religion can be reenacted. On the Company of St. George website (5/Jul/2011).
- Blogpost on crucial questions for reenactors. On the Company of St. George website (6/Jun/2011).
- Blogpost and video about the military in Medieval Chillon. On the Company of St. George website (23/May/2011).
- Blogpost and video about the daily life in Medieval Chillon. On the Company of St. George website (2/May/2011).
- Rohrmoos, von. An article in the Historical Dictionary of Switzerland about a noble family (23/Nov/2010).
- Blogpost on the idea of taking the visitor by the hand. On the Company of St. George website (15/Nov/2010).
- Ried, von. An article in the Historical Dictionary of Switzerland about a noble family (20/Oct/2010).
- Blogpost about castles, queens and bombards. On the Company of St. George website (27/Sep/2010).
- Schlacht bei Murten (1476). An article in the Historical Dictionary of Switzerland about the Battle Of Morat (2/Sep/2010).
- Blogpost about the medieval goat game. On the Company of St. George website (30/August/2010).
- Blogpost about interesting books for reenactors. On the Company of St. George website (9/August/2010).
- Blogpost about a leather sheath to protect a set of carving knives. On the Company of St. George website (2/August/2010).
- Blogpost about a new set of carving knives. On the Company of St. George website (28/Jun/2010).
- Blogpost about medieval dishes like “Tripe disguised as omelette balls”. On the Company of St. George website (21/Jun/2010).
- Blogpost about the upcoming reenactment event in Nykøbing, Denmark. On the Company of St. George website (31/May/2010).
- Rüediswil, von. An article in the Historical Dictionary of Switzerland about a noble family (19/May/2010).
- Blogpost on the creation of a whitelist of medieval foods. On the Company of St. George website (15/May/2010).
- Langspiess. An article in the Historical Dictionary of Switzerland about the soldier’s pike (3/Mar/2010).
- Johann von Eych (+1464). An article in the Historical Dictionary of Switzerland about a Bishop of Eichstätt (21/Sep/2009).
- Rudolf von Liebegg (+1332). An article in the Historical Dictionary of Switzerland about a scholar and writer (27/Nov/2008).
- Johannes Kreutzer (+1468). An article in the Historical Dictionary of Switzerland about a Dominican doctor in Theology and prior (4/Nov/2008).
- Konrad von Mure (+1281). An article in the Historical Dictionary of Switzerland about a Canon Regular and Writer (28/Oct/2008).
- Konrad Menger (+1501). An article in the Historical Dictionary of Switzerland about a Humanist and supposedly an Italian spy (24/Oct/2008).
- Josset (14th century). An article in the Historical Dictionary of Switzerland about a doctor (14/Feb/2008).
- Johannes von Lare (+1481). An article in the Historical Dictionary of Switzerland about a Franciscan guardian (14/Feb/2008).
- Libri confraternitatum / Libri memoriales. An article in the Historical Dictionary of Switzerland about memorial books (22/Jan/2008).
- Liebegg, von. An article in the Historical Dictionary of Switzerland about a noble family (21/Jan/2008).
- Johannes von Winterthur (+ ~1348). An article in the Historical Dictionary of Switzerland about a priest and writer (20/Jan/2008).
- Laupenkrieg (1338/39). An article in the Historical Dictionary of Switzerland about the Battle of Laupen (4/Dec/2007).
- Heinrich von Klingenberg (+1306). An article in the Historical Dictionary of Switzerland about a remarkable bishop of Constance (20/Aug/2007).
- Leonhard Mair (+ ~1455). An article in the Historical Dictionary of Switzerland about a Franciscan guardian (6/Aug/2007).
- Morgenstern. An article in the Historical Dictionary of Switzerland about the morning star (24/July/2007).
- Gutleben (+1406). An article in the Historical Dictionary of Switzerland about a Swiss doctor (13/Mar/2007).
- Katharinental und Töss. Zwei mystische Zentren in sozialgeschichtlicher Pespektive. The publication of my thesis (May/2007).
- Johannes I. An article in the Historical Dictionary of Switzerland about a bishop of Constance (12/Feb/2007).
- Ludwig Jäger. An article in the Historical Dictionary of Switzerland about a professor in Theology and Abbot (8/Feb/2007).
- Johannes Keck (+1450). An article in the Historical Dictionary of Switzerland about a doctor in Theology (5/Oct/2006).
- Johannes II (+782). An article in the Historical Dictionary of Switzerland about a bishop of Constance (7/Sep/2006).
- Hartmut (9th century). An article in the Historical Dictionary of Switzerland about an abbot of St. Gall (8/Aug/2006).
- Albrecht von Hohenberg (+1359). An article in the Historical Dictionary of Switzerland about a Bishop of Freising (21/Jul/2005).
- Magazine Article. A German event review of a reenactment gathering in Daaden, Germany, in Karfunkel Magazine (5/August/2002).
- German Article on historical research with databases. This article also appeared in English. See above (2000).
- German Article on Katharinental and Töss. A scholarly article in the German book “Lesen, Schreiben, Sticken und Erinnern” (2000).
Publications about me
- News program on Swiss TV interviewing me briefly. With the Company of St. George (19/Jul/2012).
- German portrait of my activities in reenactment. Der Bund (14/Aug/2003).
- French portrait of my activities in reenactment. La Liberté (27/Jul/1998).