1. Diagrams and Naming Conventions
25/5/2025
The first design phase — network segmentation, naming conventions, and the initial homelab layout. Includes network diagrams and a Japanese nature-themed hostname scheme.
This project started with a simple idea — build a website, but one that follows enterprise level security standards. I took the concepts I learned in the security+ exam and actually applied them. It's now blossomed into a playground to test and apply cybersecurity tools and concepts.
All text unless otherwise noted, is human written by me.
25/5/2025
The first design phase — network segmentation, naming conventions, and the initial homelab layout. Includes network diagrams and a Japanese nature-themed hostname scheme.
26.5.2025
Choosing hardware and installing Ubuntu Server on an old Dell Latitude laptop. First steps with OpenSSH, Fail2Ban, and UFW.
3.6.2025
Configuring VLANs on a TP-Link managed switch — tagging, untagging, trunking, and locking myself out in the process. Includes the final VLAN layout diagram.
12.7.2025
Setting up WireGuard via Ubiquiti to securely access the homelab from anywhere. A simple but key milestone for remote workflow.
13.7.2025
Wiring up GitHub to the webserver with a deploy script. Also: the danger of capitalising Index.html on a Linux server.
31.8.2025
The site goes live — and within the hour, automated scans from Korea are already probing for PHP admin files. A rude but exciting welcome to the public internet.
27.9.2025
Wiping the gaming PC and converting it into an Ubuntu server to host Wazuh via Docker — the first serious foray into both Docker and SIEM software.
9.28.2025
Changing default Wazuh credentials the wrong way, locking myself out, and discovering that security is harder than it looks. A humbling entry.
4.10.2025
AI confidently broke my Docker stack by telling me to do something unnecessary. A lesson in understanding your tools before following advice — and how Docker Compose actually works.
12.10.2025
Reformatting and rebuilding from scratch with lessons learned. Wazuh is finally up, agents are deployed to all three endpoints, and 1300 alerts are already waiting.
13.10.2025
Building a Wazuh dashboard to map inbound exploit attempts by geolocation. The internet is already very interested in this tiny static site.
19.10.2025
A Shellshock (CVE-2014-6271) attack detected — my first real incident response. Forensic log export, process scanning, and establishing a system baseline.
25.10.2025
One IP hammered the site 144 times. I built a Wazuh visualisation to surface the top offenders, then wrote a full threat intelligence report on the worst one.
21.12.2025
After feedback from friends and family, a new non-technical section for everyday security advice — keeping the project accessible beyond the homelab world.
02.03.2026
A complete infrastructure migration — from a dusty old laptop to a Hetzner dedicated server running Proxmox, OPNsense, and HAproxy, secured end-to-end with mutual TLS and a self-built PKI.