Category: Security

Keeping safe

How to Add an Extra Layer of Security on PhpMyAdmin Login Interface

MySQL is the world’s most used open source database management system on the Linux ecosystem and at the same time Linux newbies find it difficult to manage from the MySQL prompt. PhpMyAdmin was created,...

CVE-2016-6309 – Patching NGINX for OpenSSL Security Issues

Security is of the utmost importance to us here at Kinsta. That is one reason why we recently launched two-factor authentication to secure your Kinsta accounts. …

The post CVE-2016-6309 – Patching NGINX for OpenSSL Security Issues appeared first on Kinsta Managed WordPress Hosting.

The Importance of WordPress Two-Factor Authentication

We take security very seriously here at Kinsta and that’s why we offer two-factor authentication for all of our WordPress hosting clients. Nothing could be worse than someone …

The post The Importance of WordPress Two-Factor Authentication appeared first on Kinsta Managed WordPress Hosting.

In-Depth HTTP to HTTPS Migration Guide for WordPress

As of July 24th, 2018, Google Chrome is now be marking all non-HTTPS sites as “Not Secure.” Regardless of whether they collect data or not. This is why …

The post In-Depth HTTP to HTTPS Migration Guide for WordPress appeared first on Kinsta Managed WordPress Hosting.

How to Setup HTTPS (SSL Certificates) to Secure PhpMyAdmin Login

To introduce this tip, let’s sniff the HTTP traffic between a client machine and the Debian 8 server where we have made the innocent mistake to login using the database root user’s credentials in...

How to Change and Secure Default PhpMyAdmin Login URL

By default, the login page of phpmyadmin is located at http://<ip address>/phpmyadmin. The first thing that you will want to do is changing that URL. This will not necessarily stop attackers from targeting your...

Speed up your browsing with help from your hosts file

Web pages these days are so full of advertisements, trackers, counters, hidden pixels, it’s a wonder they load at all. And who knows what information you’re revealing about your browsing… More »

Implementing Mandatory Access Control with SELinux or AppArmor in Linux

To overcome the limitations of and to increase the security mechanisms provided by standard ugo/rwx permissions and access control lists, the United States National Security Agency (NSA) devised a flexible Mandatory Access Control (MAC)...

How to Scan for Rootkits, backdoors and Exploits Using ‘Rootkit Hunter’ in Linux

Guys, if you are a regular reader of tecmint.com you will notice that this is our third article on security tools. In our previous two articles we have given you all the guidance in...

The Mega Guide to Hardening and Securing CentOS 7 – Part 2

Continuing the previous tutorial on how to secure CentOS 7, in this article we’ll discuss other security tips that will be presented on the below checklist. Requirements The Mega Guide To Harden and Secure...

The Mega Guide To Harden and Secure CentOS 7 – Part 1

This tutorial only covers general security tips for CentOS 7 which can be used to harden the system. The checklist tips are intended to be used mostly on various types of bare-metal servers or...

Connecting to Let’s Encrypt SSL sites via cURL from MAMP

This is a brief lesson in diagnostics that some may find helpful. The Scenario I develop websites on a Mac running MAMP. On my Mac I have an installation of… More »

Lynis 2.5.5 Released – Security Auditing and Scanning Tool for Linux Systems

Lynis is an open source and much powerful auditing tool for Unix/Linux like operating systems. It scans system for security information, general system information, installed and available software information, configuration mistakes, security issues, user...

The Ultimate Guide to Secure, Harden and Improve Performance of Nginx Web Server

Based on the wonderful things you have heard about Nginx, perhaps you decided to give it a try. You may have liked it so much that are considering replacing your Apache installations with Nginx...

How to Block SSH and FTP Access to Specific IP and Network Range in Linux

Typically we all use SSH and FTP services often to access the remote servers and virtual private servers. As a Linux administrator, you must aware about how to block SSH and FTP access to...

What is WordPress XML-RPC and How To Stop an Attack

The XML-RPC implementation in WordPress allows external services and desktop clients to interact with WordPress. In this article I’ll take a look at what XML-RPC is, how it works and what the future holds once the WordPress API becomes a part of core.

The post What is WordPress XML-RPC and How To Stop an Attack appeared first on Kinsta Managed WordPress Hosting.

How to remove the security hole in WordPress comment HTML

Before reading further, you should read my earlier post, Your WordPress site comments are giving information to hackers, since this post provides a neater solution to the problem described in… More »

RHCSA Series: Mandatory Access Control Essentials with SELinux in RHEL 7 – Part 13

During this series we have explored in detail at least two access control methods: standard ugo/rwx permissions (Manage Users and Groups – Part 3) and access control lists (Configure ACL’s on File Systems –...

Your WordPress site comments are giving information to hackers

Something I recently discovered: if you run a WordPress site and make a comment on a post yourself while logged in, information relating to your username is added to the… More »

RHCSA Series: Installing, Configuring and Securing a Web and FTP Server – Part 9

A web server (also known as a HTTP server) is a service that handles content (most commonly web pages, but other types of documents as well) over to a client in a network. A...