Auto Whitelist Multiple Dynamic DNS Addresses for nginx Security

Whitelisting your IP address for login pages on WordPress ensures that only your IP address can access the login page. It is by far one of the best security methods for preventing brute force attacks on your website.Previously I have shown how to whitelist a single dynamic DNS address which is great security practice for … Learn more…

Configure Automatic Security Updates with Webmin

Webmin is an indispensable tool for some WordPress self-hosters. You get a file manager, cronjob manager, can manage your nginx virtual hosts, CSF Firewall (configuration guide) and more.I always configure Webmin to automatically install security updates and notify me via email (Mailgun guide) if there are other package updates. This keeps your VPS or dedicated … Learn more…

Configure Webmin Email Alerts with Mailgun

Webmin is an awesome tool for people self-hosting WordPress on a VPS (Digital Ocean or Vultr) or dedicates server. It can help bridge the gap when moving from the chains of cPanel to a more flexible solution since you can add cronjobs, update your Linux distribution’s packages and more management tasks.I like to get email alerts … Learn more…

Automatically Back up WordPress to Google Drive WP-CLI Bash Script

Previously I have shown how to upload WordPress backups to Dropbox without a WordPress backup plugin. If your site isn’t that large than Dropbox’s free limit of 2 GB may suit your needs. However, if you have a larger site then Google Drive may be a better option since you get 15 GB of space … Learn more…

Configure WordPress wp-login + XMLRPC DDoS Protection nginx + fail2ban

I have helped many users speed up their sites by implementing server-side security to prevent XMLRPC and wp-login.php attacks. CloudFlare have blogged about XMLRPC.php as an attack vector. Basically, hacker bots scan for WordPress or WooCommerce sites and will try a senseless amount of password attempts over and over again. This can lead to your system … Learn more…