PacktLib: WordPress 3 Ultimate Security
Credits
About the Author
Acknowledgement
About the Reviewers
www.PacktPub.com
Preface
So What's the Risk?
Calculated risk
An overview of our risk
Meet the hackers
Physically hacked off
Social engineering
Weighing up Windows, Linux, and Mac OS X
Malwares dissected
World wide worry
Overall risk to the site and server
Summary
Hack or Be Hacked
Introducing the hacker's methodology
Ethical hacking vs. doing time
The reconnaissance phase
Demystifying DNS
Domain name security
The scanning phase
Summary
Securing the Local Box
Breaking Windows: considering alternatives
Windows security services
Proactive about anti-malware
The almost perfect anti-malware solution
Windows user accounts
Managing passwords and sensitive data
Securing data and backup solutions
Programming a safer system
Summary
Surf Safe
Look (out), no wires
Network security re-routed
Using public computers – it can be done
Hotspotting Wi-Fi
E-mailing clients and webmail
Browsers, don't lose your trousers
Anonymous browsing
Networking, friending, and info leak
Summary
Login Lock-Down
Sizing up connection options
WordPress administration with SSL
SSL and login plugins
Locking down indirect access
Apache modules
Summary
10 Must-Do WordPress Tasks
Locking it down
Backing up the lot
Updating shrewdly
Neutering the admin account
Correcting permissions creep
Hiding the WordPress version
Nuking the wp_ tables prefix
Setting up secret keys
Denying access to wp-config.php
Hardening wp-content and wp-includes
Summary
Galvanizing WordPress
Fast installs with Fantastico ... but is it?
Considering a local development server
Added protection for wp-config.php
WordPress security by ultimate obscurity
Revisiting the htaccess file
Good bot, bad bot
Setting up an antimalware suite
More login safeguards
Concerning code
Hiding your files
Summary
Containing Content
Abused, fair use and user-friendly
Illegality vs. benefit
A nice problem to have (or better still to manage)
Sharing and collaboration
Protecting content
Pre-emptive defense
Reactive response
Tackling offenders
Summary
Serving Up Security
.com blogs vs .org sites
Host type analysis
Control panels and terminals
Managing unmanaged with Webmin
Users, permissions, and dangers
Sniffing out dangerous permissions
System users
Repositories, packages, and integrity
Tracking suspect activity with logs
Summary
Solidifying Unmanaged
Hardening the Secure Shell
chrooted SFTP access with OpenSSH
PHP's .ini mini guide
Patching PHP with Suhosin
Isolating risk with SuPHP
Containing MySQL databases
phpMyAdmin: friend or foe?
Bricking up the doors
Fired up on firewalls
Enhancing usability with CSF
Service or disservice?
Gatekeeping with TCP wrappers
Stockier network stack
Summary
Defense in Depth
Hardening the kernel with grsecurity
Integrity, logs, and alerts with OSSEC
Using OSSEC
Updating OSSEC
Easing analysis with a GUI
Slamming backdoors and rootkits
(D)DoS protection with mod_evasive
Sniffing out malformed packets with Snort
Firewalling the web with ModSecurity
Summary
Plugins for Paranoia
Don't Panic! Disaster Recovery
Security Policy
Essential Reference
Index