Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
> It is not actually that hard to run Wordpress securely. Stick to supported plugins and themes, and install security patches quickly when they are released.
Depending on your site's functionality, it may also be possible to run a static WP site:
* https://wordpress.org/plugins/simply-static/
* https://wp2static.com
You do all your regular updates via the CMS, but, instead of putting the dynamic site on the public Internet, you generate static files and point your public web server's HTML rootdir at those.
If you are stuck on wordpress, consider using a static export plugin like wp2static [1]. I have been playing around[2] with a setup where the normal WP UI is protected behind HTTP Basic Authentication, and wp2static exports the public snapshot
[1] https://github.com/WP2Static/wp2static
[2] https://github.com/jessopb/wp_d_rymcg
I wonder if Snuffleupagus can block this exploit.
https://snuffleupagus.readthedocs.io/
Related posts
- Snuffleupagus – security module for PHP – killing bug classes and patching bugs
- Any reviews of Snuffleupagus based on actual experience?
- Snuffleupagus - Security module for PHP. Killing bugclasses and virtual-patching the rest.
- Bulletproof at home hosting?
- Snuffleupagus 0.7.0 is released, with PHP8 support