Adventures in Cloud Security

Malicious hackers have made computer security breaches a constant concern.  Groups like Anonymous have shown that even some of the most secure networks in the world are vulnerable to attack.  When I bought the domain it occurred to me that there is always the possibility that someone could break into my website.  To keep costs low for the site I picked a host that uses shared hosting.  There is nothing I can do to improve the security of the server itself.  The only action I can take is to make sure that my password for cPanel is secure.  My hosting provider was hacked some time ago before I was a customer and I can only hope they’ve learned their lesson and keep a better eye on security.

To protect the site I set up two cloud based security measures.  The first tool is CodeGuard.com.  CodeGuard backs up my site daily using delta backups to minimize storage consumption.  This protects the content of the site if my server is hacked or taken offline.  The second tool I’m using is CloudFlare.com.  CloudFlare is a content delivery network and security service.  CloudFlare is installed by changing the name servers for the site.  This means that all visitor traffic to my site passes through CloudFlare’s security screen first.  All the reviews I read about CloudFlare before I set it up were amazingly positive.  This company has the chance to turn the tide in the internet security war.  The content distribution portion of CloudFlare is an added bonus that speeds up loading times.

The other set of security measures I set up were meant to protect the blog as well as the other modules of the site, forum and photo gallery.  WordPress has made a lot of improvement in the inherent security of the software over the years.  That being said, there is still some vulnerability.  There are two plugins I installed to protect the blog.  First, I installed BulletProof Security (BPS).  BPS modifies the .htaccess files to prevent hackers from accessing certain portions of the site.  It was a little complicated to set up but I have a lot of confidence in the security it provides.  The second plugin I installed was Better WP Security.  This plugin automates backups of the WordPress MySQL database and monitors the files in the WordPress directory for changes.  In addition, the plugin also prevents brute force login attacks on the blog and prevents attackers for scanning through the blog for vulnerabilities.  The last security measure is probably the simplest of all, make sure the software is running the most current version.  WordPress makes updating painless.  phpBB hasn’t needed to be updated yet but I think the process is also automated.  Coppermine photo gallery is the one that is difficult to update but it’s still not too bad.

I put links at the bottom of my homepage to support the companies that have provided the tools to build this site.  Check them out.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.