If your WordPress site is being served by an NGINX web-server there are a couple of configuration directives you will want to add to your server configuration. If you are uncertain about how to do this, consult with your hosting provider and they can help you.
Categories for Tutorials
What is WP-Bruiser?
WP-Bruiser, formerly known as “Goodbye Captcha” is a free plugin for WordPress which blocks bot spam in your comment forms. It also has some non-free extensions which integrate with various popular contact forms and other addons to block bot spam in those as well. It does this using a clever token system which bots cannot defeat. This eliminates the need to annoy your users with a “Captcha” and presents a more professional web experience to your visitors. WP-Bruiser also includes some security features which is and what we are going to focus on today.
We know it can be difficult for many people to navigate the technology marketplace, especially if technology is not your expertise. So we have compiled a list of vendors that we can personally vouch for. Some of these links will be “Affiliate” links which means we’ll get a little credit if you sign up using our link. Those links will be marked for the purpose of full disclosure.
WordPress is the most popular and possibly best software for operating a modern website. The built in tools that it provides for free are extremely valuable for any web project. WordPress is built on top of PHP which is a “Server Side” programming language. That means when WordPress performs computational tasks it is performing them on the server, rather than in the visitor’s browser. This presents significant security risks, because hackers can exploit vulnerabilities in WordPress to take over the server, which they can then add to their botnets to perform DDoS for Hire attacks, or to act as Crypto-Miners, or to grow their BotNet by infecting the machines of your visitors.
The most important maintenance task for any website is keeping regular backups. You should be backing up your website at least every week. That might seem like a lot if your content remains static, but a well-maintained website is also going to be receiving regular updates to the WordPress core software as well as plugins, and if something breaks you will be thankful that your backup strategy was thorough.
So Many Choices
In the early days of the web there were not many considerations when planning a new site. You would simply write your content in HTML, style your site in CSS, and publish. These days we want more from a website. Complex capabilities such as secure logins, rotating graphics, shopping carts and database handling. To handle all of these requirements, we’ve created a new class of software called “Content Management Systems” or CMS for short. When you’re planning a new website there’s many different CMS available and it can be challenging to know which one you should use for your project. Developer opinions on this subject vary, however I am going to tell you that for most web projects, especially hobby blogs, business and non-profit websites, WordPress is the best choice. Here are the top 5 reasons.
There are lots of “plugins” and “applications” being sold to people these days which perform this step but they are not necessary. All you need is a small configuration edit. This works for both Apache and Nginx.