• Home
  • Archive
  • Tools
  • Contact Us

The Customize Windows

Technology Journal

  • Cloud Computing
  • Computer
  • Digital Photography
  • Windows 7
  • Archive
  • Cloud Computing
  • Virtualization
  • Computer and Internet
  • Digital Photography
  • Android
  • Sysadmin
  • Electronics
  • Big Data
  • Virtualization
  • Downloads
  • Web Development
  • Apple
  • Android
Advertisement
You are here: Home » Hardening Rackspace Cloud Server for WordPress : Part 3

By Abhishek Ghosh April 20, 2014 10:08 am Updated on April 20, 2014

Hardening Rackspace Cloud Server for WordPress : Part 3

Advertisement

We are ending our ongoing discussion on the topic Hardening Rackspace Cloud Server for WordPress, to make it improbable to get hacked ever. Unless you have been targeted, it is actually quite rare to get the Server hacked (not WordPress), if the basic points of security are maintained. Without reading the previous articles, probably it will be difficult to understand what we have talked about so far :

 

  1. Hardening Rackspace Cloud Server for WordPress : Part 1
  2. Hardening Rackspace Cloud Server for WordPress : Part 2

 

You can read an interesting guide to Make WordPress Scalable. It has relationship with this final episode of the Hardening Rackspace Cloud Server for WordPress Series. Website with pure HTML pages are not only easy to scale, its easier, cost saving way, less vulnerable to the hacking efforts and Google actually loves pure HTML pages. If you can change the $PATH and the names of the contents served from wp-content,  wp-includes – that is great.

 

Hardening Rackspace Cloud Server for WordPress : Using Load Balancer and/or Reverse Proxy Server in Front

 

Whatever setup you’ll have, basically there will be one server which is important for generating content and holds the main files of WordPress. Instead of exposing the bare IP of the server or server group, it is a good idea to add a load balancer in front of your nodes / servers. Apart from making the script kiddies fool by using the different IP address, a load balancer can perform HTTP caching. You will always get a great header response if you use a load balancer. If FTP server is one in number, use round robin algorithm. Do not resolve DNS with main server’s IP – that is, do not add your main server’s IP on Cloud DNS settings. It will be meaningless for the security purpose – we want to pass public internet traffic only via the Load Balancer’s IP. In case of server failure where no nodes are available, Load Balancers serve a nice custom page.

Advertisement

---

Hardening Rackspace Cloud Server for WordPress

Google bots hugely dislike servers to be down – so adding at least two servers (where one is another’s pure HTML copy) is not a bad idea. However, round robin will not work fine for the best page speed. If you want to use nginx reverse proxy, you can read our guide on Reverse Proxying with Nginx.

On the WordPress side, MySQL Database Server and wp-config.php are common targets of the scripted attacks. chown and chgrp the file to the privileged user, not to the Database Server user name. Probably you’ll require a more liberal chmod value – chmod is of lesser importance on our setup as others are not the World in our case plus we have protected the wp-config.php from .htaccess and .htaccess is also protected.

Never use localhost or IP of localhost in wp-config.php file.

You will get some details on editing my.cnf file on our Optimizing MySQL Database Performance guide. Probably you will love to load balance your MySQL server, you need to bind the IP on that file. Obviously you can use FQDN instead of bare IP. As you are closing the Ports to access over HTTP and masking MySQL server’s real IP, with proper settings; without the private key, it is actually impossible to login to the server, even with the right username and password.

 

Hardening Rackspace Cloud Server for WordPress : Monitor the Activities of the Plugins and Themes

 

Best is to use custom Plugins and Themes, at least modified Plugins and Themes. The Plugins and Themes can give API based access to your database, eventually can perform sql injection. Another weak point is any kind of web form – comment or whatever form when hosted on the same server and can access the database.

Either close the comment forms after a period or specially on a particular post when you notice lot of spammy comments on a certain post. It is better either to offload the comments to Discuss like service or fully close it. Weighing the risk of tracking, data sniffing, keyword sniffing, possibilities of redirection and increase in Page loading speed – its better to not allow comment at all.

This Article Has Been Shared 566 Times!

Facebook Twitter Pinterest
Abhishek Ghosh

About Abhishek Ghosh

Abhishek Ghosh is a Businessman, Orthopaedic Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.

Here’s what we’ve got for you which might like :

Articles Related to Hardening Rackspace Cloud Server for WordPress : Part 3

  • Free Cloud Services and CDN are Risk Factors for your WordPress Blog

    Free Cloud Services and CDN service with or without caps are offered nowadays by various WordPress plugins. They can be dangerous for your valuable blog.

  • Cloud Computing Privacy : Are Service Providers Concerned about?

    Cloud Computing, especially the free public cloud has known issues with the privacy and security of the end users. But, how much the Cloud Service Providers are thoughtful about these?

  • Cloud Storage : Unsolved Problems

    Cloud Storage has some unsolved problems, despite the flexibility it offers. What if we want to take the data from the Cloud Storage or change our providers ?

  • Relocating Groupware to Cloud

    Relocating Groupware to Cloud should planned and prepared well. Collaboration and groupware solutions are well suited for cloud and are already widely used.

  • Cloud Computing and The Consequence of Employment in IT Sector

    Cloud Computing and The Consequence of Employment in IT Sector is quite burning topic now as happened few decades back while mass introduction of Computers.

Additionally, performing a search on this website can help you. Also, we have YouTube Videos.

Take The Conversation Further ...

We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!

If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.

Contact Us

Subscribe To Our Free Newsletter

You can subscribe to our Free Once a Day, Regular Newsletter by clicking the subscribe button below.

Click To Subscribe

Please Confirm the Subscription When Approval Email Will Arrive in Your Email Inbox as Second Step.

Search this website…

 

Popular Articles

Our Homepage is best place to find popular articles!

Here Are Some Good to Read Articles :

  • Cloud Computing Service Models
  • What is Cloud Computing?
  • Cloud Computing and Social Networks in Mobile Space
  • ARM Processor Architecture
  • What Camera Mode to Choose
  • Indispensable MySQL queries for custom fields in WordPress
  • Windows 7 Speech Recognition Scripting Related Tutorials

Social Networks

  • Pinterest (20K Followers)
  • Twitter (4.9k Followers)
  • Facebook (5.8k Followers)
  • LinkedIn (3.7k Followers)
  • YouTube (1.2k Followers)
  • GitHub (Repository)
  • GitHub (Gists)
Looking to publish sponsored article on our website?

Contact us

Recent Posts

  • Wi-Fi for Old House With Thick Walls January 26, 2021
  • What is Inertial Navigation System? January 25, 2021
  • What is Miniaturization? January 24, 2021
  • What is Domain-Driven Design (DDD)? January 23, 2021
  • Top 10 Anti Hacking Software for Microsoft Windows January 22, 2021

 

About This Article

Cite this article as: Abhishek Ghosh, "Hardening Rackspace Cloud Server for WordPress : Part 3," in The Customize Windows, April 20, 2014, January 26, 2021, https://thecustomizewindows.com/2014/04/hardening-rackspace-cloud-server-wordpress-part-3/.

Source:The Customize Windows, JiMA.in

 

This website uses cookies. If you do not want to allow us to use cookies and/or non-personalized Ads, kindly clear browser cookies after closing this webpage.

Read Cookie Policy.

PC users can consult Corrine Chorney for Security.

Want to know more about us? Read Notability and Mentions & Our Setup.

Copyright © 2021 - The Customize Windows | dESIGNed by The Customize Windows

Copyright  · Privacy Policy  · Advertising Policy  · Terms of Service  · Refund Policy