February 20, 2007 around lunchtime
· Filed under LAMP, OpenSSH, PKI, centos, fedora core linux, information security, linux, unix
As discussed in my earlier articles on how to secure a WordPress server and other LAMP application servers (part I, part II), it is imperative to protect the big ‘L’ in LAMP, the Linux host server itself. One main step is to restrict and secure access to the server. On a Linux server, OpenSSH (sometimes coupled with a VPN solution) is the most commonly vetted choice. It should be used in lieu of telnet and FTP.
The OpenSSH that comes with mainstream Linux distributions may not be tailored as tightly as you want for the maximum security you desire. This should not be much of a surprise, since any pre-packaged software needs to reach a broader audience and a wider range of use cases; in addition, the packager may not share the same information security principles as you and may assess the risks differently.
February 19, 2007 late at night
· Filed under LAMP, apache, fedora core linux, information security, php, wordpress
In part I of this article, we discussed how to secure a WordPress server by applying secure PHP configurations, such as switching on safe_mode and switching off expose_php, enable_dl, and allow_url_fopen. This time we’ll cover more secure PHP configurations.
February 5, 2007 around lunchtime
· Filed under LAMP, SELinux, apache, change control, fedora core linux, information security, linux, live journal, wordpress, wordpress plugin, wordpress theme
This post, as a live journal, will document the journey of this self-hosted WordPress blog server: how it gets created, maintained, altered, upgraded, and secured. The live diary will cover the whole spectrum of a WordPress blog server, or as a business-savvy person would put it, the blog’s “ecosystem”: the hardware, networking (DNS, routing, firewall), operating system, Apache, PHP, MySQL, WordPress blog server software, security, themes and plug-ins, Google AdSense, backup and restore, disaster recovery, performance boosters, etc.
February 3, 2007 around lunchtime
· Filed under LAMP, apache, fedora core linux, information security, linux, php, wordpress
A new article has been added. It covers how to cover all angles to maintain the CIA (Confidentiality, Integrity, and Availability) of a WordPress server or a LAMP server. It is part II of an earlier article on how to secure a WordPress server or other LAMP servers. The latter covers securing individual software components of a WordPress server or other LAMP servers.
Right now it is a long checklist. I plan to expand and elaborate item by item over time. If you would like any particular item to be covered first, please leave a note in the comment section below.