Forum Updates for 2020-10-07: Increased Security Measures
A website can never be too secure, so we've upgraded and added new security protocols, just in time for hitting our 500,000th post milestone.
7G Website Application Firewall (WAF)
Previously (i.e. yesterday), we were using the 6G Firewall. In early September, the next generation of this firewall, 7G, came out of beta. We awaited further testing in the real world before implementing it here, plus made some customizations specifically for RPLS Today. I'm happy to report that we've upgraded to 7G this morning. The new firewall is installed at the server level, stopping bad guys before they even reach the website itself. You can read more about the 7G Firewall here: https://perishablepress.com/7g-firewall/
Security Protocol Updates
We've always made a big deal out of blocking stuff from the bad guys. Or even the good guys, for that matter -- what I'm saying is, if there's a script or piece of code somewhere in the software that we use to run RPLS Today that we aren't actively using, or maybe it doesn't need to be accessed by users or guests, it makes sense to block it. There are built-in processes to block them by default, but you can never be too sure. So we've gone out of our way in this latest round of security checks and updates to ensure (then ensure again) that stuff is as protected as possible.
For the curious security nerds, here's a list of some of the implemented and/or improved security protocols:
- Disable user enumeration
- Block scanning agents
- Block software version numbers
- Block install and upgrade paths/files
- Block load-scripts concatenation
- Block OPML linking
- Block spam (even better than before)
- Block common usernames
- Guard comments and password resets
- Block bad bots
- Block bad methods
- Block bad query strings
- Block bad referrers
- Block bad requests
One More Thing...
All of my Website Care Plan clients over at Harness Media enjoy these same benefits. We don't screw around with website security. It's critical that your business' website stay secure, especially in this current client of cyber attacks, spamming, scamming, etc. In fact, having good security protocols in place at the server level actually improves page loading times as well, since we are blocking visits by the bad guys before they even reach your website.
If you wish to host and maintain your own website, I've put together a free ebook entitled, Five Essentials For Keeping Your Website Safe, which you can download here: https://harnessyourwebsite.com/five-essentials-for-keeping-your-wordpress-website-safe/
And yes, I did get approval to post this advertisement. 🙂
And yes, I did get approval to post this advertisement.
It's not just great to have a sense of humor, it's essential!