Finally, after much deliberation, I decided to move my blog to https. For the past few months I had encountered articles pointing that google gives a higher ranking for sites served over https. I had decided against https as I was afraid it may slow down by blog. However, the following message from google forced me to take the issue seriously and finally move to https.
Read More
Tag: security
A Complete Guide on WordPress FileSystem Permissions and Ownerships
WordPress is a CMS platform that keeps on dictating the trend for all the obvious reasons. The ease with which it lets users achieve higher goals for their site and embed new capabilities to make it stand out, is something that’s difficult to find in any other CMS out there. But, irrespective of its blockbuster features, WordPress can be easily beleaguered with security attacks. Cyber criminals out there can drive ways to leave out rough spots to cripple the legitimacy of your site. As the tools used to hack a website have evolved, security has become a primary concern for most website owners.
Read More
Integrating Googles new reCAPTCHA in PHP
For the past several years Google’s reCAPTCHA has helped verify that a user is not a bot by forcing you to decipher warped text. reCAPTCHA’s method of protecting websites from spam has always been a kind of burden on the end user who has to solve the captcha to prove that he is human and not a bot.
Read More
Building a simple Node.js crypto hash server
The Crypto module is one of the important modules available for Node.js, and allows you to use it for encrypting content, creating digests and creating public-key signatures. In this post we will work with creating a simple message digest from some given content. Here we will create a Node.js server that responds with a cryptographic hash for the content provided. e.g if we query with the following url, passing the text helloworld and the hash function name md5 the server will return the digest of the text. Note that the crypto module requires OpenSSL to be available on the underlying platform. Although a toy program, this is an exercise in using the ‘crypto’ and ‘querystring’ modules.
Read More
Changing WordPress admin login error message
It can be surprising how easy it is to overlook security issues in software design. WordPress for example, after all the versions, still displays login error information that can be informative for a potential hacker. Rather than displaying a generic login error message, WordPress admin specifically displays whether a ‘username’ was entered wrong or a ‘password’ as the following screenshot shows.
Read More
WordPress plugins to check for security threats
With WordPress installations on the rise, security threats are a common concern for users. Below is a small collection of WordPress plugins that I found adequate for use on most WordPress installations to keep security in check. As always security is not 100% achievable, but the following plugins will help you find any loopholes in your site and help you monitor for any security breaches.
Read More