Skip to content
WordPress Hardening And Optimization

WordPress Hardening & Optimization Checklist

A minimal checklist for hardening (securely configuring) and optimization of a WordPress website is provided below. Hardening (secure configuration): Always keep the operating system of the server where the WordPress website is hosted up to date.Install and configure an application firewall (Wordfence plugin can be used).Install an SSL certificate, deactivate HTTP, and redirect all traffic to HTTPS.Change the URI of /wp-admin/ to something less obvious (WPS Hide Login plugin can simplify the job).Add a 404 page not found and redirect…

Read more

Identification Of Software Security Vulnerabilities

Classification and identification of software security vulnerabilities is not often easy and to facilitate it here I present a reference model, databases, metrics, and relationship between CVE, CVSS, CWE, CWSS, OWASP, and SANS standards. Many organizations and communities create and maintain a wide range of standards, databases, metrics, and classifications in order to identify, describe, publicize, and assess the severity of software vulnerabilities. Because of this plethora of entities and information, it is frequently difficult to understand the distinctions and relationships…

Read more
Software Security

Software Security Introduction

Software security is critical to keeping information secure and achieving the desired level of cybersecurity, and this can only be accomplished by implementing the appropriate security and specialized practices at all stages of the software development life cycle (SDLC). We are surrounded by interconnected computers (including embedded systems) that run software that can be exploited for unintentional or malicious use, causing serious damage to society or business. Network security is ineffective at reducing the risk of these threats, and software…

Read more