Category: Security

Keeping safe

How to Fix ERR_TOO_MANY_REDIRECTS on Your WordPress Site

We come across a lot of different errors here at Kinsta, and ERR_TOO_MANY_REDIRECTS (also known as a redirect loop) is one we see on a regular …

The post How to Fix ERR_TOO_MANY_REDIRECTS on Your WordPress Site appeared first on Kinsta Managed WordPress Hosting.

How to Check Integrity of File and Directory Using “AIDE” in Linux

In our mega guide to hardening and securing CentOS 7, under the section “protect system internally”, one of the useful security tools we listed for internal system protection against viruses, rootkits, malware, and detection...

What goes into protecting your credit card information on the web?

This post was originally posted on November 28, 2014, and has been updated for accuracy. Purchases happen with the click of a button, a swipe of a finger, or simply, no human interaction at all. Whether it’s our monthly subscription to Netflix, the plane tickets that just went on flash sale, or the book that we purchased with Prime shipping, our request for immediacy and automation has placed our credit card information all over …

How to Configure Basic HTTP Authentication in Nginx

Basic HTTP authentication is a security mechanism to restrict access to your website/application or some parts of it by setting up simple username/password authentication. It can be used essentially to protect the whole HTTP...

3 Ways to Prevent Email Abuse

This post was originally posted on July 12, 2016, and has been updated for accuracy. Over 100 billion emails get sent per day. Everything from out-of-office alerts to billing summaries gets transferred across the web, from server to server. While we expect the things we send and deliver to remain secure, we know it isn’t always the case. There are various ways mail servers can be compromised, however, there are also …

How to Lock User Accounts After Failed Login Attempts

This guide will show how to lock a system user’s account after a specifiable number of failed login attempts in CentOS, RHEL and Fedora distributions. Here, the focus is to enforce simple server security...

How to Enable or Disable SELinux Boolean Values

Security-Enhanced Linux (SELinux) is a security mechanism for mandatory access control (MAC) implemented in the Linux kernel. It is a flexible operation designed to boost overall system security: it enables access controls imposed using...

How To Protect Hard and Symbolic Links in CentOS/RHEL 7

In Linux, hard and soft links are references to files. They are very important, and if they are not well protected, any vulnerabilities in them can be exploited by malicious system users or attackers. A common...

TMOUT – Auto Logout Linux Shell When There Isn’t Any Activity

How often do you leave a Linux system idle after login; a situation which can be referred to as an ‘idle session’, where you are not attending to the system by running commands or...

How to Protect Images On Your Site (+ What To Do After Theft)

Unfortunately, as the internet grows, image theft becomes more and more common. As a content creator ourselves, we have to deal a lot with this reoccurring …

The post How to Protect Images On Your Site (+ What To Do After Theft) appeared first on Kinsta Managed WordPress Hosting.

How to Stop a DDoS Attack in Its Tracks (Case Study)

In our last case study, we showed you how we cleaned up a negative SEO attack on Kinsta. Today we are going to show you some …

The post How to Stop a DDoS Attack in Its Tracks (Case Study) appeared first on Kinsta Managed WordPress Hosting.

WordPress 4.7.4 and the ‘noopener noreferrer’ attribute

Some of you may have noticed that after you upgrade to WordPress 4.7.4, when you edit a post using the visual editor tab and add an internal link (a link…

Email Authentication – Don’t Let Your Emails End Up in Spam

The dreaded spam folder. One thing all businesses try to avoid when it comes to sending out emails. Winding up in the spam folder can drastically …

The post Email Authentication – Don’t Let Your Emails End Up in Spam appeared first on Kinsta Managed WordPress Hosting.

How to Safely Enable WordPress SVG Support (2 Simple Clicks)

SVG is an XML-based vector image which is commonly used by websites and brands to display logos and icons on their websites. The main reason they are …

The post How to Safely Enable WordPress SVG Support (2 Simple Clicks) appeared first on Kinsta Managed WordPress Hosting.

Why Premium DNS is No Longer Optional

You’ve probably heard the term “premium DNS” thrown around before and maybe you didn’t give it a second thought. Most people know that using a premium …

The post Why Premium DNS is No Longer Optional appeared first on Kinsta Managed WordPress Hosting.

WordPress Security – 19+ Steps to Lock Down Your Site

When it comes to WordPress security, there are a lot of things you can do to lock down your site to prevent hackers and vulnerabilities from …

The post WordPress Security – 19+ Steps to Lock Down Your Site appeared first on Kinsta Managed WordPress Hosting.

How to Secure Network Services Using TCP Wrappers in Linux

In this article we will explain what TCP wrappers are and how to configure them to restrict access to network services running on a Linux server. Before we start, however, we must clarify that...

An Overview of TLS 1.3 – Faster and More Secure

It has been over eight years since the last encryption protocol update, but the final version of TLS 1.3 has now been published as of August 2018. …

The post An Overview of TLS 1.3 – Faster and More Secure appeared first on Kinsta Managed WordPress Hosting.

4 Useful Tips to Secure PhpMyAdmin Login Interface

Normally, advanced users prefer to use and manage the MySQL database management system from its command prompt; on the other hand, this method has proved to be a great challenge for relatively new Linux users....

How to Disable root Login Access to PhpMyAdmin

If you are planning on using phpmyadmin on a regular basis to manage your databases over the network (or worse, over the Internet!), you don’t want to use the root account. This is valid...