Hardening WordPress – PHP Configuration

WordPress is written in PHP. In order to properly secure WordPress one needs to ensure that your server’s global PHP settings are configured in a secure manner in order to mitigate any security risks that may exist. In a shared … Continue Reading

Featured Post

WordPress Security – Setting File Permissions

Why Correct File Permission Settings are Important WordPress is a very popular platform for building websites.  WordPress sites could make up anything from 15% to 23% of sites on the Internet depending on where you get your statistics from. This … Continue Reading

Featured Post

Azure Security Center – Setting Security Policies

As per my previous overview post on Azure Security Center, this Azure service provides and overview of the security state of Azure apps and services running on a specific subscription. The power of Azure Security Center is only unleashed when … Continue Reading

Featured Post

Configuring SendGrid for WordPress on Azure

If you utilize Azure as your hosting provider for WordPress, you will need to configure an SMTP service so that your site can send outgoing email. Why would you need an SMTP service? Without this service proactively managing your site … Continue Reading

Featured Post

Case Study – Cost Effective Website Security

I manage several websites and generally follow industry standard practices to secure and harden these sites. I believe in ‘Defense in Depth’ and so I deploy several security focused products and services which focus on web applications. As many of … Continue Reading

Featured Post

Azure Security Center – Getting Started

How safe is my data and how secure are my applications in the cloud? This is one of the first questions many organizations ask when they first start investigating migrating data, applications and workloads to public cloud infrastructure. Securing data … Continue Reading

Featured Post

Yahoo – A Quantifiable Cost for a Data Breach

Yahoo posted a security advisory on December 14th, 2016 advising all users of a second data breach. This breach has resulted in a data compromise of over 1 billion user accounts and could cost Yahoo’s shareholders dearly. Second Data Breached … Continue Reading

Featured Post

Input must be of the form {key =”value”[;key=”value”]}

As part of my investigation into Microsoft’s new Nano Server I hit an unusual WinRM error that had me going round in circles for quite a while. I finally figured out what the issue was and decided to post this … Continue Reading

Featured Post

Creating an SMTP Service on Windows Server 2016

From time to time you may need an SMTP service to relay mail from an internal application. I generally create these services for applications which only need to send mail from an internal network segment. A good example would be … Continue Reading

Featured Post