ConfigServer Security & Firewall (CSF) is a stateful packet inspection (SPI) firewall and front-end manager for iptables. CSF is a more advanced alternative to APF and has integrations for Vesta Control Panel, Webmin, and more. Below we cover how to install CSF on Ubuntu and complete basic tasks such as manage ports, configure Login Failure Read More >
Search Results for: security
Add Feature-Policy in Drupal 8 with the Security Kit Module
The Feature-Policy HTTP header specifies what browser features can be used on a website and its <iframe> elements. The most common browser features among a long list are autoplay (for videos), camera, fullscreen, and microphone. Below we’ll cover how to install the Security Kit module in Drupal 8 and enable Feature Policy. Get high performance Read More >
DNSSEC in cPanel Managed Servers for Better Security
cPanel now supports DNS security extensions (DNSSEC) with PowerDNS. DNSSEC signs the DNS path for authentication to protect visitors from DNS spoofing and other man-in-the-middle (MITM) attacks. It’s worth the time to configure if your top-level domain (TLD), domain registrar, and web server support DS records. You can check to see if your TLD supports Read More >
Add X-Frame-Options in Drupal 8 with the Security Kit Module
The X-Frame-Options HTTP header specifies whether your Drupal website can be displayed within other websites with the <frame>, <iframe>, <object>, or <embed> HTML tags. This improves Drupal security against clickjacking and related cyber attacks. Below we’ll cover how to install the Security Kit module and enable X-Frames-Options. Mozilla recommends using the superseding Content Security Policy Read More >
Add HSTS in Drupal 8 with the Security Kit Module
Adding HSTS (HTTP Strict Transport Security) in Drupal 8 forces web browsers to only load your website with a valid SSL certificate. This improves Drupal security against downgrade attacks and similar man-in-the-middle (MITM) attacks. HSTS is similar to a HTTP to HTTPS redirect but within the browser. Below we’ll cover how to install the Security Read More >
Add Content-Security-Policy (CSP) in Drupal 8
The Content-Security-Policy Drupal module helps you configure a Header set Content-Security-Policy header to specify what sources your website should load scripts from – (e.g. your own website, embedded YouTube video, and analytics trackers). This forces supporting web browsers to ignore other external requests to mitigate cross-site scripting (XSS) and other code injection attacks. There are Read More >
WP Cerber Security Site Integrity
The WP Cerber WordPress plugin includes a manual scanner to check vulnerabilities and recently changed files within your WordPress site, plugins, and themes. Do this regularly for assistance logging changes within your WordPress root directory. Site Integrity Log in to your WordPress dashboard. Hover over WP Cerber and click Site Integrity. Click Start Full Scan. Read More >
How to Set WP Cerber Security Notifcations
In this article: WP Cerber Notifications Strong Email Authentication Your website truly is more secure with VPS Hosting. cPHulk brute force protection, ConfigServer and Firewall (CSF), and Scheduled cPanel backups safeguard your data and peace of mind in various ways. Yet those tools have one important thing in common with the WP Cerber Security plugin Read More >
WP Cerber Security Hardening Options
With WP Cerber Security having so many features, it can replace other single-purpose WordPress security plugins you may have installed. It can set up a maintenance page for when your website is under construction. It has an access control list (ACL) and custom email notifications. WP Cerber Security includes many other features as smaller “hardening” Read More >
WP Cerber Security Antispam and Bot Detection Settings
In this article: Antispam Settings reCAPTCHA As we stated when covering WP Cerber Security hardening options, the plugin can replace other WordPress security plugins. In that article, we discussed replacing the maintenance page as an example. This time we replace the WordPress Heartbeat API and reCAPTCHA plugins. WP Cerber Security has an antispam engine to Read More >
WP Cerber Security Tools
In this article: Export & Import Settings Diagnostic Info Logs Plugin Update Changelog License for Paid users These tools display info for troubleshooting and options for plugin setup. The WP Cerber Security WordPress plugin is a versatile security suite including an IP access list, automated email notifications, and other restriction settings to name a few. Read More >
How to Manage ConfigServer Security & Firewall (CSF) Profiles
In this article: Backup Restore Compare Configurations It behooves managed VPS with cPanel (or unmanaged VPS) and Dedicated server administrators to understand backup options available within WebHost Manager (WHM): cPanel, website, database, WHM-scheduled backups, and Softaculous backups. There’s also Snapshots in your Account Management Panel (AMP). If you’re auditing logs for how well your security Read More >
How to View Listening Ports with ConfigServer Security & Firewall (CSF)
In this article: View Listening Ports Related Tasks Whether you’re working toward PCI compliance or general server hardening, closing unneeded open ports is an important step for improved performance and security. WebHost Manager (WHM) has many security features available to help you achieve these goals. ConfigServer Security & Firewall (CSF) software has multiple capabilities which Read More >
Using Backups and Security within Jetpack Professional
Two of the most essential needs for a WordPress site are backups and security. The Jetpack Professional subscription includes both of these options within its interface. The security and backups are managed through an Automattic plugin called VaultPress. All files within WordPress are scanned and kept secure with a powerful and flexible backup service. Additionally, Read More >
How to Modify WP Cerber Security Access Lists
In this article: Ensure IP’s Detected Correctly Edit Access List Whitelist from Activity Page Allow only specified IPs Access control lists are one of many ways to block malicious activity, protect data, and save server resources. WP Cerber’s white list allows IP’s to bypass spam check, country geofencing rules, and two-factor authentication. Cerber’s black list Read More >
How to Configure Security Notifications in Sucuri for WordPress Hosting
In this article you can learn more about: This article describes the Sucuri plugin for WordPress and how it may be used to add security to your website. It also explains the various security alerts settings. NOTICE: Sucuri for WordPress is just one way to secure your website’s data. Check out the many features WordPress Read More >
Sucuri for WordPress Hosting: Security Activity Auditing
In this article This article describes how to leverage the Sucuri plugin for WordPress Hosting to audit security activity. It also describes the benefits of using this plugin to secure your WordPress website. NOTICE: Sucuri for WordPress is just one way to secure your website’s data. Check out the many features WordPress Hosting by InMotion Read More >
AMP Security Features
The security of your hosting account begins in your Account Management Panel (AMP). And the great thing is, you can give yourself a complete security check-up by just following these steps: Update your username and password regularly Enable two-factor authentication Use account verification for support contacts Reset your root password (advanced) How to Update Username Read More >
How to Resolve Site Health Security Issues
WordPress 5.2 release‘s new Site Health feature finds free ways to enhance website security and performance. Improving security doesn’t require extensive reading and configuration. Sometimes, it’s as simple as minimalism and removing what you don’t need. Psst! Want more speed with no complexity? Check out our Nginx-powered WordPress Hosting with our user-friendly Cache Manager. Below Read More >
AMP Security – How to Enable Two Factor Authentication
Your Account Management Panel (AMP) has just got a security upgrade. You can now add an extra layer of security via Two Factor Authentication, or 2FA. In this article, we’ll explain: With all this information available to you, you’ll see why enabling Two Factor Auth will make your security life easier all around. Increase Security Read More >
