Posts Tagged ‘secure’
How to secure SSH in your server ?
1) Set a very strong password, keep it in your mind but dont write in somewhere.
2) Disable direct root login
emacs /etc/ssh/sshd_config
Search for
More »
five important tips to secure your wordpress blog
One of the utmost concerns among those of us running web applications on the web that are always available should be security. Whether or not you have personal data in your blog is immaterial. A compromised site can be used as a jumping off point for many other types of malicious behavior. Very few hackers will overlook a free lunch no matter how insignificant you may feel like your blog might be. An easy target is an easy target and although your site might be obscure, like anything else on the web, that isn’t protection against intrusion. Proactive security is the only thing that will keep your content safe. This becomes especially important if you’re using WordPress for commercial purposes as a hacked site that generates a lot of spam or otherwise hostile activity is going to be delisted from the major search engines and possibly included on spam blacklists. Here a are a few tips for getting started and some plugins that can help ease the burden a little.
1. Keep your version of WordPress current. Whenever you see the notification that there is a new version of WordPress available it is your best interest to download and install it. Keeping your software current is a minimum requirement for security. Unlike most other things in life, software does not age gracefully and you can save yourself a lot of hassle by staying current with releases. WordPress Instant Upgrade can help out with that if you’ve not done large numbers of modifications of the original files. You can find out which version of WordPress you’re currently using by looking near the bottom of your admin page. It should say something like Version 2.x.x on the bottom most line. If it says something like Version 1.x then you need to take action immediately.
2. Make backups. Whether you do this manually with an FTP client and the output of PHPMyAdmin for database tables or with an automated solution like the WP-DB-Backup plugin. Try to do them weekly if possible and keep a copy on your computer if possible. The WP-DB-Backup plugin gives the option to do both of those as well as deliver the backups to an email address. Offsite is always best but your home or work computer is better than no backup at all. You could always grab a Gmail address specifically for this plugin which shouldn’t give you trouble with capacity given the large quotas that Gmail gives us to work with.