• Home
  • Archive
  • Tools
  • Contact Us

The Customize Windows

Technology Journal

  • Cloud Computing
  • Computer
  • Digital Photography
  • Windows 7
  • Archive
  • Cloud Computing
  • Virtualization
  • Computer and Internet
  • Digital Photography
  • Android
  • Sysadmin
  • Electronics
  • Big Data
  • Virtualization
  • Downloads
  • Web Development
  • Apple
  • Android
Advertisement
You are here: Home » Hardening Rackspace Cloud Server for WordPress : Part 3

By Abhishek Ghosh April 20, 2014 10:08 am Updated on April 20, 2014

Hardening Rackspace Cloud Server for WordPress : Part 3

Advertisement

We are ending our ongoing discussion on the topic Hardening Rackspace Cloud Server for WordPress, to make it improbable to get hacked ever. Unless you have been targeted, it is actually quite rare to get the Server hacked (not WordPress), if the basic points of security are maintained. Without reading the previous articles, probably it will be difficult to understand what we have talked about so far :

 

  1. Hardening Rackspace Cloud Server for WordPress : Part 1
  2. Hardening Rackspace Cloud Server for WordPress : Part 2

 

You can read an interesting guide to Make WordPress Scalable. It has relationship with this final episode of the Hardening Rackspace Cloud Server for WordPress Series. Website with pure HTML pages are not only easy to scale, its easier, cost saving way, less vulnerable to the hacking efforts and Google actually loves pure HTML pages. If you can change the $PATH and the names of the contents served from wp-content,  wp-includes – that is great.

 

Hardening Rackspace Cloud Server for WordPress : Using Load Balancer and/or Reverse Proxy Server in Front

 

Whatever setup you’ll have, basically there will be one server which is important for generating content and holds the main files of WordPress. Instead of exposing the bare IP of the server or server group, it is a good idea to add a load balancer in front of your nodes / servers. Apart from making the script kiddies fool by using the different IP address, a load balancer can perform HTTP caching. You will always get a great header response if you use a load balancer. If FTP server is one in number, use round robin algorithm. Do not resolve DNS with main server’s IP – that is, do not add your main server’s IP on Cloud DNS settings. It will be meaningless for the security purpose – we want to pass public internet traffic only via the Load Balancer’s IP. In case of server failure where no nodes are available, Load Balancers serve a nice custom page.

Advertisement

---

Hardening Rackspace Cloud Server for WordPress

Google bots hugely dislike servers to be down – so adding at least two servers (where one is another’s pure HTML copy) is not a bad idea. However, round robin will not work fine for the best page speed. If you want to use nginx reverse proxy, you can read our guide on Reverse Proxying with Nginx.

On the WordPress side, MySQL Database Server and wp-config.php are common targets of the scripted attacks. chown and chgrp the file to the privileged user, not to the Database Server user name. Probably you’ll require a more liberal chmod value – chmod is of lesser importance on our setup as others are not the World in our case plus we have protected the wp-config.php from .htaccess and .htaccess is also protected.

Never use localhost or IP of localhost in wp-config.php file.

You will get some details on editing my.cnf file on our Optimizing MySQL Database Performance guide. Probably you will love to load balance your MySQL server, you need to bind the IP on that file. Obviously you can use FQDN instead of bare IP. As you are closing the Ports to access over HTTP and masking MySQL server’s real IP, with proper settings; without the private key, it is actually impossible to login to the server, even with the right username and password.

 

Hardening Rackspace Cloud Server for WordPress : Monitor the Activities of the Plugins and Themes

 

Best is to use custom Plugins and Themes, at least modified Plugins and Themes. The Plugins and Themes can give API based access to your database, eventually can perform sql injection. Another weak point is any kind of web form – comment or whatever form when hosted on the same server and can access the database.

Either close the comment forms after a period or specially on a particular post when you notice lot of spammy comments on a certain post. It is better either to offload the comments to Discuss like service or fully close it. Weighing the risk of tracking, data sniffing, keyword sniffing, possibilities of redirection and increase in Page loading speed – its better to not allow comment at all.

This Article Has Been Shared 965 Times!

Facebook Twitter Pinterest

Abhishek Ghosh

About Abhishek Ghosh

Abhishek Ghosh is a Businessman, Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.

Here’s what we’ve got for you which might like :

Articles Related to Hardening Rackspace Cloud Server for WordPress : Part 3

  • Free Cloud Services and CDN are Risk Factors for your WordPress Blog

    Free Cloud Services and CDN service with or without caps are offered nowadays by various WordPress plugins. They can be dangerous for your valuable blog.

  • Cloud Computing Privacy : Are Service Providers Concerned about?

    Cloud Computing, especially the free public cloud has known issues with the privacy and security of the end users. But, how much the Cloud Service Providers are thoughtful about these?

  • Cloud Storage : Unsolved Problems

    Cloud Storage has some unsolved problems, despite the flexibility it offers. What if we want to take the data from the Cloud Storage or change our providers ?

  • Relocating Groupware to Cloud

    Relocating Groupware to Cloud should planned and prepared well. Collaboration and groupware solutions are well suited for cloud and are already widely used.

  • Cloud Computing and The Consequence of Employment in IT Sector

    Cloud Computing and The Consequence of Employment in IT Sector is quite burning topic now as happened few decades back while mass introduction of Computers.

Additionally, performing a search on this website can help you. Also, we have YouTube Videos.

Take The Conversation Further ...

We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!

If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.

Contact Us

Subscribe To Our Free Newsletter

Get new posts by email:

Please Confirm the Subscription When Approval Email Will Arrive in Your Email Inbox as Second Step.

Search this website…

 

Popular Articles

Our Homepage is best place to find popular articles!

Here Are Some Good to Read Articles :

  • Cloud Computing Service Models
  • What is Cloud Computing?
  • Cloud Computing and Social Networks in Mobile Space
  • ARM Processor Architecture
  • What Camera Mode to Choose
  • Indispensable MySQL queries for custom fields in WordPress
  • Windows 7 Speech Recognition Scripting Related Tutorials

Social Networks

  • Pinterest (24.3K Followers)
  • Twitter (5.8k Followers)
  • Facebook (5.7k Followers)
  • LinkedIn (3.7k Followers)
  • YouTube (1.3k Followers)
  • GitHub (Repository)
  • GitHub (Gists)
Looking to publish sponsored article on our website?

Contact us

Recent Posts

  • Zebronics Pixaplay 16 : Entry Level Movie Projector Review February 2, 2023
  • What is Voice User Interface (VUI) January 31, 2023
  • Proxy Server: Design Pattern in Programming January 30, 2023
  • Cyberpunk Aesthetics: What’s in it Special January 27, 2023
  • How to Do Electrical Layout Plan for Adding Smart Switches January 26, 2023

About This Article

Cite this article as: Abhishek Ghosh, "Hardening Rackspace Cloud Server for WordPress : Part 3," in The Customize Windows, April 20, 2014, February 3, 2023, https://thecustomizewindows.com/2014/04/hardening-rackspace-cloud-server-wordpress-part-3/.

Source:The Customize Windows, JiMA.in

PC users can consult Corrine Chorney for Security.

Want to know more about us? Read Notability and Mentions & Our Setup.

Copyright © 2023 - The Customize Windows | dESIGNed by The Customize Windows

Copyright  · Privacy Policy  · Advertising Policy  · Terms of Service  · Refund Policy

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT