How to avoid eBay hack attacks

Back in September, eBay made the headlines due to a number of Cross Site Scripting (XSS) vulnerabilities found on their site. Following pressure from security experts and users, a few of these vulnerabilities were patched, although eBay were quoted as saying they would not remove the active content functionality which allows such attacks. In September, […]

Read More →

WordPress Security Tips – Part 2

Be Selective When Choosing Plugins and Themes WordPress allows you to extend and customize your site with thousands of plugins and themes. While extending your site’s capabilities and customization is important, it should not come at the price of your website’s security. Even if your WordPress installation, plugins and themes are all up to date, […]

Read More →

WordPress Security Tips – Part 1

Basic Security Measures With WordPress running on 1 in 5 sites on the Internet, it is no surprise that they are a very popular target for both experienced hackers and script-kiddies alike. The following are a few measures that can be taken to address some basic security holes or malpractices that are commonly present in […]

Read More →

Top tips to secure your web server

Powering over 90% of the world wide web, Apache, IIS and nginx are considered the 3 most important web servers. They are considered to be easy to get up and running, have an active development team behind them and react quickly to security issues. Most companies running these web servers trust the communication to the […]

Read More →

Tips to harden your nginx configuration; part 2

This is the second part in the series on nginx server security. This article follows on from Part 1 with more tips on hardening your nginx configuration. 5. Make use of ModSecurity ModSecurity is an open-source module that works as a web application firewall. Different functionalities include filtering, server identity masking, and null byte attack prevention. Real-time […]

Read More →