To better secure WordPress, and access to the wp-login administration page, I will explain how to avoid attacks by Brute-Force through the establishment of new fail2ban filters.
When you arrive on the wp-login.php space, you enter your login / password, if correct, wordpress lets you enter the administration area, and writes the code HTTP/302 “redirect” in your log file “access_log”,you are redirected to the “wp-admin” folder. By cons, if you enter the wrong login / password, you stay on your wp-login page, and HTTP/200 code “OK” is registered in your access_log file.
Therefore, we will ask our fail2ban to filter the access_log file HTTP/200 codes on wp-login page of your wordpress.
Nginx is a powerful web server processing requests asynchronously. Not a memory guzzler as Apache! Nginx can be used as a web server, reverse proxy web proxy or email. It wants to be very modular.
In this article we will see how to install Nginx 1.2.7 on Centos, and some basic configurations. The purpose of this paper is to lead us to the following: installing Naxsi, a web application firewall for Nginx.
Some times ago, I bought a Raspberry Pi, so I had the idea to put up a VPN on my RPI to surf safely in public places :). So I tried OpenVPN, which is an open-source tools. It is based on OpenSSL library, the private key is shared among peers, it offers a good security level, and the client is available on multiple platforms. Here’s how to install OpenVPN on a Raspberry PI (Debian Wheezy).
Regarding the ownCloud service, where confidential data maybe stored, the first thing to do is to secure the frond end seting up an SSL security and force HTTPS connection so that your passwords do not circulate in clear text on the WWW. It’s take less than 10 minutes and that prevent some data leak.
Here is the How To :