Install Suhosin php5-fpm Security for WordPress

Suhosin hosted on github is PHP security extension. Suhosin can protect you from insecure code and possible buffer overflows. Install Suhosin on your VPS or dedicated server only takes a few minutes and could protect you from poorly coded WordPress plugins. This tutorial was tested on Debian 7 (Wheezy), 8 (Jessie) and Ubuntu 14.04 (Trusty) … Learn more…

Cache WooCommerce Currency from GeoIP with Varnish 4 vmod

Aelia Currency Switcher allows WooCommerce and Easy Digital Downloads online business owners to display their products in different currencies depending on the visitor’s geolocation. It works by probing each visitor’s IP address and setting the currency based on their country, city or other parameters the business owner has chosen to decide the currency. I had a long … Learn more…

Protect WordPress wp-login with nginx HTTP Auth + fail2ban

Protecting wp-login.php for WordPress is essential for brute force protection from hackers. Most WordPress administrators will use a plugin like All-in-One Security (recommended) or Wordfence to block users who are making excessive login attempts. The problem with the plugin technique is that these brute force protection methods are still expensive for your web server. When a user … Learn more…

Install WPScan on Debian 8 for WordPress Vulnerability Scanning

WPScan is a WordPress vulnerability scanner written in Ruby. It is sponsored by Sucuri and hosted on github. Using its security vulnerability database for WordPress core, plugins and themes it will provide a report on your site’s known security problems which can be exploited by hackers. Install WPScan dependencies for Debian 8 Install the WPScan … Learn more…