Tips for keeping your WordPress web server secure

According to statistics, more than 59% of websites are built with WordPress, so it is very important to know how to keep our website safe. In this article I am going to give you some tips that will help you with this task.


Disable directory lookup


Directory lookup (directory listing) lets attackers, or any visitor, browse the contents of a directory and reach sensitive system information. It also reveals the structure of your website, which helps an attacker navigate around your system. It must be disabled to prevent that.

To disable it, simply open your Apache configuration file, usually /etc/apache2/sites-available/000-default.conf, and delete Indexes from the Options line.

Note: Remember to restart the Apache service for the changes to take effect.


Disable server signatures


An attacker wants to know the server signature, including the PHP and Apache web server versions. Version information makes it easier for the attacker to find vulnerabilities in your system and launch the appropriate exploit. Therefore, disable signatures.

In the php.ini file of your PHP version, find the line expose_php and change it to Off.

In the general Apache configuration file, normally /etc/apache2/apache2.conf, add the line ServerSignature Off at the end.

Note: Remember to restart the Apache service for the changes to take effect.
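
To confirm that the Indexes, ServerSignature and expose_php changes described above are in place, the following audit script is an added example and is not part of the original article. The function names and sample files are constructed for illustration, and the script reads one file at a time without following Include directives or .htaccess files.

```python
import re

# Constructed sample files for illustration (not taken from a real server).
WEAK_APACHE = """\
<Directory /var/www/>
    Options Indexes FollowSymLinks
</Directory>
# ServerSignature Off
ServerSignature On
"""
FIXED_APACHE = """\
<Directory /var/www/>
    Options FollowSymLinks
</Directory>
ServerSignature Off
"""
WEAK_PHP_INI = "; expose_php = Off\nexpose_php = On\n"
FIXED_PHP_INI = "expose_php = Off\n"

def audit_apache(text):
    """Report Options lines that enable Indexes and a ServerSignature left on."""
    findings, signature = [], None
    for num, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # skip blanks and comment lines
            continue
        directive, *args = line.lower().split()
        # "Indexes", "+Indexes" and "All" turn listing on; "-Indexes" turns it off.
        if directive == "options" and {"indexes", "+indexes", "all"} & set(args):
            findings.append(f"line {num}: Options enables Indexes")
        elif directive == "serversignature" and args:
            signature = args[0]  # the last value in the file wins
    if signature in ("on", "email"):
        findings.append("ServerSignature is " + signature)
    return findings

def audit_php_ini(text):
    """Report expose_php unless the last active setting turns it off."""
    value = "on"  # PHP's built-in default when the directive is absent
    for raw in text.splitlines():
        m = re.match(r"\s*expose_php\s*=\s*([^;]*)", raw, re.I)  # ';' lines are comments
        if m:
            value = m.group(1).strip().strip('"').lower()
    enabled = value not in ("off", "0", "false", "no", "none", "")
    return [f"expose_php is enabled ({value})"] if enabled else []

if __name__ == "__main__":
    for finding in audit_apache(WEAK_APACHE) + audit_php_ini(WEAK_PHP_INI):
        print(finding)
```

An empty result from both functions means the file already matches the settings recommended above.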


Enable your firewall with iptables on your server


It is very important to have a well-configured firewall to close possible open doors that make it easier for an attacker to get into your system. To do this, I recommend using iptables to open or close the necessary ports on your system. You can even allow or deny access to specific IPs or MAC addresses.

To allow access to your website without restricting the source (80 HTTP, 443 HTTPS):

iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT

To specify an IP it would be:

iptables -A INPUT -s x.x.x.x/xx -p tcp -m tcp --dport 80 -j ACCEPT

Note: Remember to save all rules with sudo service iptables save and restart the iptables service.


Keep an eye on your system logs


All of your Linux system logs are in /var/log/. It is very important to look at your system logs often, as they give you a lot of information about what is going on in your system. This information will alert you when a problem occurs. Being able to detect the problem as early as possible will save you a lot of headaches.

