Results 1 to 5 of 5

Thread: New website

  1. #1
    Junior Member
    Join Date
    May 2018
    Posts
    4

    New website

    I am creating a website for myself and need some help on the back end. I want to ensure that I am using the best security plugin available, please advice.

  2. #2
    Forum manager Chris's Avatar
    Join Date
    Feb 2018
    Location
    Aberystwyth, Ceredigion, Mid-Wales
    Posts
    12

    Hi Ben,

    Are you already using a content management system (CMS) on the site or is this something you want to look into?

    Examples of CMS are WordPress, Typo3, Drupal, vBulletin (This forum uses that), they're great tools to enable a user friendly environment in which to edit your content and update your work/site. But they come with downfalls.

    You are right to ask about security, especially in terms of websites. Below I will give a few pointers and suggestions to keep your site secure:

    • You might consider keeping your site static, that is, don't use a backend and only serve your site using html. This is very secure because there are very few 'holes' through which you could be attacked. There would be no database, so you would not be open to SQL Injection. You would not be using cookies, which would mean you were not susceptable to Cross site Scripting attacks. Don't worry too much about this terminology for now unless you're interested, I'm just making a point about the security. The real downside in this is that you'd have to edit your files manually (and have a knowledge of how to code in HTML) everytime you wanted to adjust the site.
    • If you do consider a CMS, lets take WordPress for example there are (as you suggested) plugins designed to work with your site to lock down things like login pages, to block attackers that are trying to access pages that don't exist multiple times in an attempt to find hidden information or login access. To discover more about these, you can install WordPress and then go to the Plugin section of the 'back end', you get there by default by going to wp-login.php or wp-admin/ it is also wise to hide these unless you plan to implement other security constraints.


    There are pro's and cons to using CMS vs not, security, Search Engine Optimisation (SEO) being just a couple.

    I'll stop for now, as this is quite a lot of information to go on with, but if you'd like me to exand on anything specific that I have (or haven't) mentioned here, please do ask.

    Kind regards,
    Chris

  3. #3
    Junior Member
    Join Date
    May 2018
    Posts
    4
    Hey Chris
    I'm using WordPress, so which plugins do I need for maximum security effect. I want to keep everything secure (as I can imagine anyone else would), which plugins would work well with others without compromising anything.

  4. #4
    Forum manager Chris's Avatar
    Join Date
    Feb 2018
    Location
    Aberystwyth, Ceredigion, Mid-Wales
    Posts
    12

    Red face

    Hi Ben,

    There are quite a few to choose from, I'll give you a link to a few that I have used in the past (and some I still do) I think they're all pretty good.

    The main two that I know of are:
    • iThemes Security. This used to be called "Better WP Security" and has a large array of options to lock down your site, things like brute force password protection; hide the back end; move database table name to non-default (the list goes on), they also have a paid version with even more functionality built in.
    • WordFence is the second one I feel is right up there in terms of competitive nature in locking down and monitoring the security of the site. I have always fealt this is more of a passive attempt as securing wordpress, however, it does also have inline security constraints that are active.


    It's worth searching the plugins for terms such as:
    • Hide wordpress login.
    • Remove generator tags.
    • Remove version numbers.


    I'll post again later if I can think of any more helpful suggestions of any more specific plugins to help you in your attemp to secure your site!

    Good luck,

    Kind regards,
    Chris

  5. #5
    Junior Member
    Join Date
    May 2018
    Posts
    4
    Thank you Chris for all off your help, it's, much appreciated.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •