Server security sounds so stark-staring staid. It is. Until you get hacked.
Let’s be frank, understanding server security is something we tend to try to avoid. Why? How much time do you spend securing a PC? I’ll bet quite a lot, especially if the OS happens to be Windows. And if it’s Linux or a Mac, likely you upgrade your packages, what, twice or thrice a week? Is a server, hosting anything from creative instinct to an online business, any less important?
wpCop's Server section explains and implements, near as damn it, each and every defensive technique. It's written to be accessible, not just another geeky insider guide. Tell me, please, if you disagree.
- The server security basics guides cover must-know info for site admins
- The server networking guides shield a server from online attacks
- Defense in depth caps security with more tripwires and alert systems
WordPress Server Security: Need-to-Know
WordPress Server Security: Network Defense
The networking guides collectively shield the server from network attacks by toughening admin access, adding a firewall, closing ports and restricting PHP and MySQL.
WordPress Server Security: Defense in Depth
Do I really need to know all this?
While an overall awareness is important, the benefit of many of wpCop's server guides will depend on your hosting type.
If you’re using wordpress.com, for instance, then the server security is looked after by Automattic and these pages become largely academic. If you’re running on a shared hosting plan, on the other hand, then there’s quite a lot you can and should do, or at least to check. For those with some kind of unmanaged hosting, for instance administering a VPS, you can expect to spend a lot of time immersed in these security pages.
In any case, it’s at least a good idea to scan these server guides, just for fun. 😉