Wordfence: Site Compromised

So, while I’ve been busy hardening my blog site blog.udance.com.au, by stealth, hackers appear to have been busy on the WordPress site attached to the main domain udance.com.au. The tell-tale signs suggest that the site appears to be compromised. As there’s no content yet on this site, the easiest thing to do is blow it …
Continue reading Wordfence: Site Compromised

WordPress: A Disaster Recovery Strategy

The infographic below describes a streamlined approach to WordPress disaster recovery that minimises the room for error, and maximises the chances of fully restoring a WordPress site under a wide range of WordPress disaster scenarios. I’ve tested the approach against my own blog site and apart from a minor tweak of WP Super Cache, a WordPress …
Continue reading WordPress: A Disaster Recovery Strategy

WordPress Plugin: Wordfence logging lots of failed login attempts

It’s scary to see a WordPress site being probed for vulnerabilities Dashboard > Wordfence > Tools > Live Traffic Most are for invalid users blog and admin. As part of tuning Wordfence, block these immediately Dashboard > Wordfence > All Options > Brute Force Protection Activity detail reflects the change:

WordPress Plugin: A Marriage made in Heaven for UpdraftPlus and FreeNAS

The goal here is to use FreeNAS storage to store UpdraftPlus backups of WordPress sites. Local user authentication is assumed for FreeNAS. Outline of the basic steps: A. Set up the UpdraftPlus storage root. Set aside storage space on FreeNAS for UpdraftPlus. Create the UpdraftPlus user and group on FreeNAS. Configure and start the FTP …
Continue reading WordPress Plugin: A Marriage made in Heaven for UpdraftPlus and FreeNAS

WordPress Plugin: WP Super Cache

When installing and activating, you will see the following errors: Assuming your jail name is wordpress, enter the jail from a terminal iocage console wordpress. To resolve the first issue, enter the following commands in the terminal: cd /usr/local/www/wordpress/wp-content cp plugins/wp-super-cache/wp-cache-config-sample.php wp-cache-config.php chown www:www wp-cache-config.php Refreshing WP Super Cache on the dashboard: Edit wp-config.php ee …
Continue reading WordPress Plugin: WP Super Cache

WordPress Plugin: File Manager – Vulnerability

September 2020 was a bad month for WordPress websites running File Manager. You can read all about it in the article Hackers are exploiting a critical flaw affecting >350,000 WordPress sites. So, a couple of nights ago I was posting in the support forum for the WordPress Plugin: Wordfence Security – Firewall & Malware Scan …
Continue reading WordPress Plugin: File Manager – Vulnerability