PacktLib: WordPress 3 Ultimate Security

WordPress 3 Ultimate Security

Credits

About the Author

Acknowledgement

About the Reviewers

www.PacktPub.com

Preface

So What's the Risk?

Calculated risk

An overview of our risk

Meet the hackers

Physically hacked off

Social engineering

Weighing up Windows, Linux, and Mac OS X

Malwares dissected

World wide worry

Overall risk to the site and server

Summary

Hack or Be Hacked

Introducing the hacker's methodology

Ethical hacking vs. doing time

The reconnaissance phase

Demystifying DNS

Domain name security

The scanning phase

Summary

Securing the Local Box

Breaking Windows: considering alternatives

Windows security services

Proactive about anti-malware

The almost perfect anti-malware solution

Windows user accounts

Managing passwords and sensitive data

Securing data and backup solutions

Programming a safer system

Summary

Surf Safe

Look (out), no wires

Network security re-routed

Using public computers – it can be done

Hotspotting Wi-Fi

E-mailing clients and webmail

Browsers, don't lose your trousers

Anonymous browsing

Networking, friending, and info leak

Summary

Login Lock-Down

Sizing up connection options

WordPress administration with SSL

SSL and login plugins

Locking down indirect access

Apache modules

Summary

10 Must-Do WordPress Tasks

Locking it down

Backing up the lot

Updating shrewdly

Neutering the admin account

Correcting permissions creep

Hiding the WordPress version

Nuking the wp_ tables prefix

Setting up secret keys

Denying access to wp-config.php

Hardening wp-content and wp-includes

Summary

Galvanizing WordPress

Fast installs with Fantastico ... but is it?

Considering a local development server

Added protection for wp-config.php

WordPress security by ultimate obscurity

Revisiting the htaccess file

Good bot, bad bot

Setting up an antimalware suite

More login safeguards

Concerning code

Hiding your files

Summary

Containing Content

Abused, fair use and user-friendly

Illegality vs. benefit

A nice problem to have (or better still to manage)

Sharing and collaboration

Protecting content

Pre-emptive defense

Reactive response

Tackling offenders

Summary

Serving Up Security

.com blogs vs .org sites

Host type analysis

Control panels and terminals

Managing unmanaged with Webmin

Users, permissions, and dangers

Sniffing out dangerous permissions

System users

Repositories, packages, and integrity

Tracking suspect activity with logs

Summary

Solidifying Unmanaged

Hardening the Secure Shell

chrooted SFTP access with OpenSSH

PHP's .ini mini guide

Patching PHP with Suhosin

Isolating risk with SuPHP

Containing MySQL databases

phpMyAdmin: friend or foe?

Bricking up the doors

Fired up on firewalls

Enhancing usability with CSF

Service or disservice?

Gatekeeping with TCP wrappers

Stockier network stack

Summary

Defense in Depth

Hardening the kernel with grsecurity

Integrity, logs, and alerts with OSSEC

Using OSSEC

Updating OSSEC

Easing analysis with a GUI

Slamming backdoors and rootkits

(D)DoS protection with mod_evasive

Sniffing out malformed packets with Snort

Firewalling the web with ModSecurity

Summary

Plugins for Paranoia

Plugins for Paranoia

Don't Panic! Disaster Recovery

Security Policy

Essential Reference

Index