Categories
IT-Stuff

Friday & The World Backup Day Pledge some thinking

“I solemnly swear to backup my important documents and precious memories on March 31st.”

Time to think about backup … why, what, where and how … stay tuned

Categories
islba-company

a new week

I can’t care less if this was ever a friday afternoon problem. Let’s go!

And the Week starts with something like this …...

Client Call … have I been hacked or is it just my hardware dying
Log File Check
Call Hardware Folks
Call Legal

oh boy a week can’t start better ….

Categories
IT-Stuff

Hardening WordPress

Most of the time, when it comes to hardening an existing #WordPress installation or site, we are all used to listening to the same old tunes.

  • run update to the latest version
  • remove unused PlugIns
  • run update on used PlugIns
  • check twice if you need the PlugIn for real (else get rid of it)
  • disable PlugIns that no longer get updates, or plan to replace them
  • minimize user permissions (not all your users need to get admin privileges)
  • sort out users (users that no longer need access have to be removed)
  • use 2FA (Google Authenticator does the trick pretty well)
  • protect your login page
  • limit login attempts

But here come the new tunes …

Disable PHP error display:
a simple edit of the site’s wp-config.php file with this code should do the trick

define ( 'WP_DEBUG' , false); 

Disable PHP execution in untrusted folders:
This is a pretty new one for me: you can guard against it with a simple access control file.
Just a little code is needed in .htaccess.
We have to test this well, because I think you can overuse these restrictions pretty fast, and most of WordPress involves PHP execution.

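# Put this in the .htaccess of the untrusted folder itself, not in the site root.
<FilesMatch "\.(php|php\.)$">
# Apache 2.2 syntax; Apache 2.4 needs mod_access_compat for it, or use "Require all denied" instead.
Order Allow,Deny
Deny from all
</FilesMatch>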
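As an added example (not code from this post): a small Python audit that checks a WordPress tree for the two settings above and lists PHP files already sitting in a folder that should not execute them. The folder list (wp-content/uploads), the function names and the sample tree are assumptions made for the illustration.

```python
import re
import tempfile
from pathlib import Path

# Assumption: folders that should never run PHP, relative to the WordPress root.
UNTRUSTED = ["wp-content/uploads"]
DEBUG_OFF = re.compile(r"^\s*define\s*\(\s*['\"]WP_DEBUG['\"]\s*,\s*false\s*\)", re.I | re.M)
FILESMATCH = re.compile(r'<FilesMatch\s+"([^"]+)"\s*>(.*?)</FilesMatch>', re.I | re.S)
DENY = re.compile(r"^\s*(Deny\s+from\s+all|Require\s+all\s+denied)\s*$", re.I | re.M)

def blocks_php(htaccess_text):
    """True if a complete FilesMatch block matching 'x.php' holds a deny rule."""
    lines = [l for l in htaccess_text.splitlines() if not l.lstrip().startswith("#")]
    for pattern, body in FILESMATCH.findall("\n".join(lines)):
        if re.search(pattern, "x.php") and DENY.search(body):
            return True
    return False

def audit(root):
    """Return a list of findings for the two settings described above."""
    root, findings = Path(root), []
    cfg = root / "wp-config.php"
    if not cfg.is_file() or not DEBUG_OFF.search(cfg.read_text(errors="replace")):
        findings.append("wp-config.php: WP_DEBUG is not defined as false")
    for rel in UNTRUSTED:
        folder = root / rel
        if not folder.is_dir():
            continue
        ht = folder / ".htaccess"
        if not ht.is_file() or not blocks_php(ht.read_text(errors="replace")):
            findings.append(f"{rel}: no working FilesMatch deny rule for .php")
        for f in sorted(folder.rglob("*.php")):
            findings.append(f"{rel}: PHP file present: {f.relative_to(folder).as_posix()}")
    return findings

def demo():
    """Audit a constructed sample tree (not a real site) and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        up = Path(tmp, "wp-content", "uploads", "2020")
        up.mkdir(parents=True)
        Path(tmp, "wp-config.php").write_text("<?php\ndefine ( 'WP_DEBUG' , false);\n")
        # Closing tag left unterminated on purpose: the block must not count as working.
        (up.parent / ".htaccess").write_text(
            '<FilesMatch "\\.(php|php\\.)$">\nOrder Allow,Deny\nDeny from all\n</FilesMatch\n')
        (up / "old-test.php").write_text("<?php // constructed sample file\n")
        return audit(tmp)

if __name__ == "__main__":
    print("\n".join(demo()))
```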
Categories
islba-company

a new week

I can’t care less if this was ever a friday afternoon problem. Let’s go!

And the Week starts with something like this …...

  • 2FA for VPN clients
  • what kind of VPN do you really want
  • video conferencing tools
  • and meetings lots of online meetings
  • and again thinking about mailed-in log reports of VPN usage per user