Security Archives - Jason Whitehorn

5 Tips For Securing WordPress With Nginx

Securing your site isn’t as enjoyable as writing content, but it’s just as important.

Search the Internet for “securing WordPress” and you will see no shortage of articles discussing various plugins that promise to make your website more secure.

Many of what you’ll find is valid – I even use a few such plugins. However, plugins can only do so much. Security-minded WordPress admins should also be wary of installing too many plugins, as doing so increases the surface area of attack. For these reasons, I prefer to use Nginx as an added security layer for my WordPress sites. Below are 5 helpful tips for hardening a WordPress site with Nginx. read more

Internet, Security

Client Certificate Auth With Nginx

RSA Tokens are one form of enhanced authentication

When it comes to authentication on the web we’re pretty much all familiar with the password – king of the hill, infamous for both its flaws as well as its ubiquity. Outside of the password, you often run into authentication schemes such as token sharing (e.g., OAuth or RSA tokens). read more

Security

Previewing Chrome 68’s HTTP Security Change

Google made big news last week when they announced that Chrome 68 would mark all websites without SSL certificates as “Not Secure”. While the move was highly anticipated by many it will still be a disrupting process for many website operators who have yet to embrace the non-tangible benefits of HTTPS. read more