
By Abhishek Ghosh April 20, 2014 10:08 am Updated on April 20, 2014

Hardening Rackspace Cloud Server for WordPress : Part 3

We are ending our ongoing discussion on Hardening Rackspace Cloud Server for WordPress, which aims to make it improbable that the server ever gets hacked. Unless you have been targeted, it is actually quite rare for the server (not WordPress) to get hacked if the basic points of security are maintained. Without reading the previous articles, it will probably be difficult to follow what we have covered so far:

 

  1. Hardening Rackspace Cloud Server for WordPress : Part 1
  2. Hardening Rackspace Cloud Server for WordPress : Part 2

 

You can read an interesting guide to Make WordPress Scalable. It is related to this final episode of the Hardening Rackspace Cloud Server for WordPress series. A website made of pure HTML pages is not only easy to scale; it is also easier to run, cheaper, and less vulnerable to hacking attempts, and Google actually loves pure HTML pages. If you can change the paths and the names of the content served from wp-content and wp-includes, that is great.

 

Hardening Rackspace Cloud Server for WordPress : Using Load Balancer and/or Reverse Proxy Server in Front

 

Whatever setup you have, there will basically be one server that generates the content and holds the main WordPress files. Instead of exposing the bare IP of the server or server group, it is a good idea to add a load balancer in front of your nodes / servers. Apart from fooling script kiddies by presenting a different IP address, a load balancer can perform HTTP caching. You will always get a great header response if you use a load balancer. If there is only one FTP server, use the round robin algorithm. Do not resolve DNS to the main server’s IP, that is, do not add your main server’s IP in the Cloud DNS settings. Doing so defeats the security purpose, because we want public internet traffic to pass only via the load balancer’s IP. In case of a server failure where no nodes are available, the load balancer serves a nice custom page.

Google’s bots strongly dislike servers being down, so adding at least two servers (where one is a pure HTML copy of the other) is not a bad idea. However, round robin will not give the best page speed. If you want to use an nginx reverse proxy, you can read our guide on Reverse Proxying with Nginx.

On the WordPress side, the MySQL database server and wp-config.php are common targets of scripted attacks. chown and chgrp the file to the privileged user, not to the database server’s user name. You will probably require a more liberal chmod value; chmod is of lesser importance in our setup, because “others” is not the world in our case, and we have also protected wp-config.php via .htaccess, and .htaccess itself is protected.

Never use localhost or the IP of localhost in the wp-config.php file.
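The two wp-config.php rules above can be checked with a short script. This is an added example, not code from this series: the function names are hypothetical, and the database server account name (for example `mysql`) is an assumption you pass in.

```bash
#!/usr/bin/env bash
# Added example: audit wp-config.php for a local DB_HOST and for ownership
# by the database server account. Prints findings; returns their count.

# PHP keeps the first active define('DB_HOST', ...); commented-out lines are skipped.
wp_db_host() {
  sed -n "s/^[[:space:]]*define([[:space:]]*['\"]DB_HOST['\"][[:space:]]*,[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1/p" "$1" |
    head -n 1 | tr '[:upper:]' '[:lower:]'
}

file_owner() { ls -ld -- "$1" | awk '{print $3}'; }
file_group() { ls -ld -- "$1" | awk '{print $4}'; }

# audit_wp_config <wp-config.php> <db-server-user>  (user name is an assumption)
audit_wp_config() {
  local file=$1 db_user=$2 n=0 host
  [ -r "$file" ] || { echo "ERROR: cannot read $file"; return 1; }

  host=$(wp_db_host "$file")
  case "$host" in
    "") echo "FINDING: no active DB_HOST define found"; n=$((n+1)) ;;
    # Covers host:port and host:/socket forms plus IPv4/IPv6 loopback.
    localhost|localhost:*|127.*|::1|"[::1]"*)
        echo "FINDING: DB_HOST is local ($host)"; n=$((n+1)) ;;
  esac

  if [ "$(file_owner "$file")" = "$db_user" ] ||
     [ "$(file_group "$file")" = "$db_user" ]; then
    echo "FINDING: $file belongs to the database server user ($db_user)"
    n=$((n+1))
  fi
  return "$n"
}

# Constructed sample, not a real site's file; the temp file's own owner
# stands in for the database user so that both checks fire.
sample=$(mktemp)
printf '%s\n' '<?php' "// define('DB_HOST', 'db.internal.example');" \
  "define( 'DB_HOST', 'localhost:3306' );" > "$sample"
audit_wp_config "$sample" "$(file_owner "$sample")" || echo "-> $? finding(s)"
rm -f "$sample"
```

On a real server, run `audit_wp_config /path/to/wp-config.php mysql` with your own path and database account name; a return status of 0 means neither rule is violated.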

You will find some details on editing the my.cnf file in our Optimizing MySQL Database Performance guide. If you want to load balance your MySQL server, you need to bind the IP in that file. You can of course use an FQDN instead of a bare IP. As you are closing the ports to access over HTTP and masking the MySQL server’s real IP, with proper settings it is actually impossible to log in to the server without the private key, even with the right username and password.

 

Hardening Rackspace Cloud Server for WordPress : Monitor the Activities of the Plugins and Themes

 

It is best to use custom plugins and themes, or at least modified plugins and themes. Plugins and themes can provide API-based access to your database and so can eventually be used to perform SQL injection. Another weak point is any kind of web form, a comment form or any other form, when it is hosted on the same server and can access the database.

Either close the comment forms after a period, or close them on a particular post when you notice a lot of spammy comments on it. It is better either to offload the comments to a Disqus-like service or to close them fully. Weighing the risk of tracking, data sniffing, keyword sniffing, the possibility of redirection, and the increase in page loading speed, it is better not to allow comments at all.
