web-security   289

« earlier    

The complete guide to WordPress security
This literally isn’t the complete guide to WordPress security, because security is a continually evolving practice and not a defined and narrow set of rules.
...
we’ll keep this page up-to-date over time, and we think that it covers all the basics and lot more.

-- David Hayes
WPShout | wpshout.com | 30 jan 2018

Very complete.
4web-warriors  web-security  WordPress  wordpress-00-top  wordpress-admin  wordpress-security  type-article 
23 days ago by tometaxu
I’m harvesting credit card numbers and passwords from your site. Here’s how.
I know that sometimes my relentless sarcasm can be difficult to unravel by people on the English-learning path (and also people in need of lightening up). So just to be clear, I have not created an npm package that steals information. This post is entirely fictional, but altogether plausible, and I hope at least a little educational.
web-security 
6 weeks ago by ble
Redirecting WordPress / .htaccess / HSTS / SSL
how to. Applies to any website, not just a WordPress website.

WordPress Development Stack | wordpress.stackexchange.com | begin dec 2017
4web-warriors  HSTS  htaccess  SSL/TLS  web-development  web-security  web-server  WordPress  wordpress-development  type-discussion 
8 weeks ago by tometaxu
WordPress wp-admin https redirect loop
Some good info here and wp-config setting.

WordPress Development Stack Exchange | wordpress.stackexchange.com | dec 2014
4web-warriors  cloudflare-redirect-problem  SSL/TLS  Web  web-development  web-security  WordPress  wordpress-optimise  wordpress-plugin  wordpress-security  type-discussion 
8 weeks ago by tometaxu
'Page isn't redirecting properly' errors on wp-admin using Cloudflare
A lot of good information about the redirect problem with Cloudflare and flexible SSL.

Cloudflare Community | community.cloudflare.com | jun 2017
4web-warriors  CDN  cloudflare  cloudflare-configuration  cloudflare-redirect-problem  SSL/TLS  Web  web-development  web-security  WordPress  wordpress-optimise  wordpress-plugin  wordpress-security  type-discussion 
8 weeks ago by tometaxu
CloudFlare Flexible SSL - WordPress plugin
this is the one to prevent redirect loops when using Cloudflare's flexible ssl.

-- paultgoodchild
wordpress.org/plugins | retr dec 2017
4web-warriors  CDN  cloudflare  SSL/TLS  Web  web-development  web-security  WordPress  wordpress-optimise  wordpress-plugin  wordpress-security  type-discussion 
8 weeks ago by tometaxu
Troubleshooting flexible ssl in Cloudflare
* If you are using Flexible with Wordpress you may need to install this plugin, cloudflare-flexible-ssl, to avoid infinite redirect issue
* You will want to enable ‘Always use HTTPS’ on the Crypto tab when you are done with your testing. This saves you from creating a similar Page Rule for HTTPS.
* You may need to enable ‘Automatic HTTPS Rewrites’ on the Crypto tab for mixed content issues
* Once everything is satisfactory you should change your Wordpress URL to use ‘https’.

Cloudflare Community | community.cloudflare.com | jul 2017
4web-warriors  CDN  cloudflare  SSL/TLS  Web  web-development  web-security  WordPress  wordpress-optimise  wordpress-plugin  wordpress-security  type-discussion 
8 weeks ago by tometaxu
Using wordpress caching plugin with Cloudflare
Discussion of caching plugins, trouble-shooting.
Good info on how to check headers to see whether page is going through Cloudflare.

Cloudflare Community | community.cloudflare.com | jun 2017
4web-warriors  CDN  cloudflare  cloudflare-cache  Web  web-development  web-security  WordPress  wordpress-optimise  wordpress-plugin  type-plugin 
8 weeks ago by tometaxu
Unable to manage site after flexible SSL
About solving the mixed-content issue.

Cloudflare Community | community.cloudflare.com | jun 2017
4web-warriors  CDN  cloudflare  SSL/TLS  Web  web-development  web-security  WordPress  wordpress-optimise  wordpress-plugin  wordpress-security  type-discussion 
8 weeks ago by tometaxu
Sunny - WordPress plugin for purging Cloudflare cache
Purges cache everything rules’ caches, which the Cloudflare plugin does not.
Requires PHP 7.0 or later.

-- typisttech, tangrufus
wordpress.org/plugins | retr 26 dec 2017
4web-warriors  CDN  cloudflare  cloudflare-cache  Web  web-development  web-security  WordPress  wordpress-optimise  wordpress-plugin  type-plugin 
8 weeks ago by tometaxu
Cloudflare plugin for WordPress
Pros and cons of the Cloudflare plugin

Cloudflare Community | community.cloudflare.com | jun 2017
4web-warriors  CDN  cloudflare  SSL/TLS  Web  web-development  web-security  WordPress  wordpress-optimise  wordpress-plugin  wordpress-security  type-discussion 
8 weeks ago by tometaxu

« earlier    

related tags

4web-warriors  audit  auth0  authentication  aws  bestpractices  browser  bug-bounty  bug  cdn  challenge  checklist  china  cloud-computing  cloudflare-cache  cloudflare-configuration  cloudflare-redirect-problem  cloudflare  community  computer-security  cors  crime  crypto  csp  csrf  data-protection  development  devops  docker  ec2  encryption  exploitation  five-stars  fuzzer  golang  govtech  have-i-been-pwned  haveibeenpwned  hsts  htaccess  http  https  iam  identity  internet-control  internet-dns  internet-domain_registration  internet-freedom  internet-security  internet-surveillance  internet-vpn  internet  ios  jan18  javascript  jwt  leak  learning  lets-encrypt  login  monitoring  nginx  nist  opensource  ops  password-management  password  policy  privacy  protocol-relative-urls  remote-work  saas  secret-management  secrets  secuity  security  sri  ssh  ssl/tls  ssl  system-administration  tcpdump  tech-howto  tech-information  tech  threat-modelling  tibet  tibetan-cause  tool  toosl  type-article  type-compendium  type-discussion  type-information  type-online-tool  type-plugin  type-website  vpn  web-browser  web-building  web-decentralization  web-deployment  web-dev  web-development  web-hosting  web-performance  web-reverse-engineering  web-security__reference  web-server  web-sessions  web-tool  web  webdev  website-safety  wordpress-00-top  wordpress-admin  wordpress-development  wordpress-optimise  wordpress-plugin  wordpress-security  wordpress 

Copy this bookmark:



description:


tags: