Please or Register to create posts and topics.

Forum Updates for 2020-10-07: Increased Security Measures

#1 · October 7, 2020, 6:29 pm

Quote from Wendell on October 7, 2020, 6:29 pm
A website can never be too secure, so we've upgraded and added new security protocols, just in time for hitting our 500,000th post milestone.

?ÿ

7G Website Application Firewall (WAF)

Previously (i.e. yesterday), we were using the 6G Firewall. In early September, the next generation of this firewall, 7G, came out of beta. We awaited further testing in the real world before implementing it here, plus made some customizations specifically for RPLS Today. I'm happy to report that we've upgraded to 7G this morning. The new firewall is installed at the server level, stopping bad guys before they even reach the website itself. You can read more about the 7G Firewall here: https://perishablepress.com/7g-firewall/

?ÿ

Security Protocol Updates

We've always made a big deal out of blocking stuff from the bad guys. Or even the good guys, for that matter -- what I'm saying is, if there's a script or piece of code somewhere in the software that we use to run RPLS Today that we aren't actively using, or maybe it doesn't need to be accessed by users or guests, it makes sense to block it. There are built-in processes to block them by default, but you can never be too sure. So we've gone out of our way in this latest round of security checks and updates to ensure (then ensure again) that stuff is as protected as possible.

For the curious security nerds, here's a list of some of the implemented and/or improved security protocols:

Disable user enumeration

Block scanning agents

Block software version numbers

Block install and upgrade paths/files

Block load-scripts concatenation

Block OPML linking

Block spam (even better than before)

Block common usernames

Guard comments and password resets

Block bad bots

Block bad methods

Block bad query strings

Block bad referrers

Block bad requests

?ÿ

One More Thing...

All of my Website Care Plan clients over at Harness Media enjoy these same benefits. We don't screw around with website security. It's critical that your business' website stay secure, especially in this current client of cyber attacks, spamming, scamming, etc. In fact, having good security protocols in place at the server level actually improves page loading times as well, since we are blocking visits by the bad guys before they even reach your website.

If you wish to host and maintain your own website, I've put together a free ebook entitled, Five Essentials For Keeping Your Website Safe, which you can download here: https://harnessyourwebsite.com/five-essentials-for-keeping-your-wordpress-website-safe/

And yes, I did get approval to post this advertisement. 🙂

A website can never be too secure, so we've upgraded and added new security protocols, just in time for hitting our 500,000th post milestone.

7G Website Application Firewall (WAF)

Previously (i.e. yesterday), we were using the 6G Firewall. In early September, the next generation of this firewall, 7G, came out of beta. We awaited further testing in the real world before implementing it here, plus made some customizations specifically for RPLS Today. I'm happy to report that we've upgraded to 7G this morning. The new firewall is installed at the server level, stopping bad guys before they even reach the website itself. You can read more about the 7G Firewall here: https://perishablepress.com/7g-firewall/

Security Protocol Updates

We've always made a big deal out of blocking stuff from the bad guys. Or even the good guys, for that matter -- what I'm saying is, if there's a script or piece of code somewhere in the software that we use to run RPLS Today that we aren't actively using, or maybe it doesn't need to be accessed by users or guests, it makes sense to block it. There are built-in processes to block them by default, but you can never be too sure. So we've gone out of our way in this latest round of security checks and updates to ensure (then ensure again) that stuff is as protected as possible.

For the curious security nerds, here's a list of some of the implemented and/or improved security protocols:

Disable user enumeration
Block scanning agents
Block software version numbers
Block install and upgrade paths/files
Block load-scripts concatenation
Block OPML linking
Block spam (even better than before)
Block common usernames
Guard comments and password resets
Block bad bots
Block bad methods
Block bad query strings
Block bad referrers
Block bad requests

One More Thing...

All of my Website Care Plan clients over at Harness Media enjoy these same benefits. We don't screw around with website security. It's critical that your business' website stay secure, especially in this current client of cyber attacks, spamming, scamming, etc. In fact, having good security protocols in place at the server level actually improves page loading times as well, since we are blocking visits by the bad guys before they even reach your website.

If you wish to host and maintain your own website, I've put together a free ebook entitled, Five Essentials For Keeping Your Website Safe, which you can download here: https://harnessyourwebsite.com/five-essentials-for-keeping-your-wordpress-website-safe/

And yes, I did get approval to post this advertisement. 🙂