Like most good hosting support folks, security tops the list of my priorities. While a good firewall, and true Web Application Firewall are the best means for helping with this, sometimes shared hosting services will not change the configurations they have in place to support the necessary security for a Wordpress website. In steps the iThemes Security plugin. iThemes acts like a WAF, in that it can detect (via a vast network) bad bots, known hackers, and most known vulnerabilities in Wordpress. I will lay out what I use on all of the sites I manage hosting for (note, this number as of today, is in the thousands), as well as enabling the necessary configuration needed to allow iThemes to do it's thing when you… Read More
Kevin Pirnie' Articles
- Home / Kevin Pirnie’s Articles / Security
By: Kevin On: March 7, 2019
Posted In: Development Hosting Hosting Linux nGinx Security Security Security Server Management Ubuntu centos form security hosting nginx security ubuntu
Wow! It's been a little while since I have had the time to post another article. Well, here I am again, back at it.This time, I will show you an optimal way to keep your site secure utilizing a bit of nginx configuration. You will need to do some work before implementing this, so please do not attempt to simply copy/paste this and expect it to work out of the box. # Default security headers add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"; # enable, cache, and preload subdomains add_header X-Frame-Options "SAMEORIGIN" always; # generally only allow SAMEORIGIN frame sources add_header X-Xss-Protection "1; mode=block"; # protect against Cross-Site Scripting add_header X-Content-Type-Options "nosniff" always; # no sniffing allowed! add_header Referrer-Policy "strict-origin"; # protect agains cross-linking add_header X-Download-Options "noopen"; #… Read MoreBy: Kevin On: July 6, 2018
Posted In: Hosting Security Server Management Updates dns dns propagation hosting web hosting
Have you ever updated your domain’s A record and noticed that, for at least several hours, your new domain displayed the new site on one device (such as your smartphone), but the old site on another device, such as your home computer? Have you ever updated your domain’s MX records and found that, for at least several hours, not all new emails were delivered to the new email server you specified? I cannot count the number of times I have seen these sorts of situations cause website owners to panic, pull their hair out, or get frustrated with their hosting provider. So what exactly is going on, and what can you do about it? What is happening is that the change you made to your… Read MoreBy: Kevin On: September 27, 2017
Posted In: Hosting Linux Security Security Server Management Ubuntu Wordpress hosting site security ssl web hosting wordpress performance wordpress security
Many people think securing a website with SSL (SSL encryption) is necessary only if they’re selling products or services via their website and collecting credit card or payment information. What many website owners do not realize is that SSL encryption has other very important benefits for small business owners. To understand the benefits of having an SSL certificate installed for your website, it helps to understand what SSL is and actually does. What exactly is SSL encryption? SSL, which stands for Secure Sockets Layer, is an encryption technology that creates a secure connection between your website’s server and your website visitor’s web browser. This allows for information to be protected during transmission between the two. Without SSL encryption any computer could intercept the transmission from… Read MoreBy: Kevin On: June 10, 2016
Posted In: Development Hosting Lemp Commander Linux nGinx Security Security Server Management Software Theme Development Ubuntu Updates Wordpress bash nano nginx shell shell scripting speed up the web web hosting wordpress performance
I have successfully managed to get around a 1 second load time on my Wordpress site, While getting 250 concurrent users over a 1 minute test period. (Source: https://webpagetest.org/result/210128_Di26_15d11aa18013d1df9ebc867e1aa9c2f3/) This was done with a combination of items, stemming from the server install up to Wordpress theme development. Here is how I did it, so maybe you can too. Server Setup Here we will start from the ground up. Items you will need: VirtualBox, Ubuntu 16.04 64b Server ISO, Time My virtual machine is setup with 4G of RAM, using 2 CPU's, with 80G SSD, and a Bridged Networking adapter Boot to the ISO, and start the installation process. Everything can be setup how you wish, however, I custom partitioned, as well as, only installed the… Read More