My Vultr firewall group rules

A Few Steps to Secure a WordPress Site

Use a Password Manager

The very first layer of security starts with your password.

You could have the most secure server and WordPress setup ever, but if your password is “qwerty” or some other equally awful password, then all that security is for nothing.

Good passwords need to be lengthy, randomized, and every site and service you use should have it’s own unique password. Do NOT re-use passwords. Ever.

I recommend using KeePass, KeePassXC or Bitwarden.

Then the only the password you need to remember is your master password. Which should be more of a phrase than just a single pass”word”. It should be something you can remember, long, and include upper/lower case, numbers, and special characters.

All other passwords should be generated by your password manager.

Cloudflare Firewall Rules

Cloudflare provides of a number of benefits that many people probably already use such as their Content Delivery Network (CDN), DDoS mitigation, Bot filtering, and caching. All of which is offered for free!

Read More “A Few Steps to Secure a WordPress Site”

Enable DNS over HTTPS and Encrypted SNI in Firefox

In Firefox 62, Mozilla has added two new features called DNS over HTTPS (DoH) and Trusted Recursive Resolver (TRR). The ideal behind each of these features is to improve user privacy and improved performance. DNS has typically been sent over insecure HTTP allowing anyone on the wire, such as your ISP, to monitor what sites you are visiting.

Below we’ll look at how to enable TRR you can tell Firefox to make DoH it’s first choice and use the system DNS as a fallback option.

The second feature we will be enable is Encrypted SNI, which prevents others from intercepting the TLS SNI extension and use it to determine what websites you are browsing.

Read More “Enable DNS over HTTPS and Encrypted SNI in Firefox”