Web Hosting And Web Servers Archives

OSSEC FOR WEBSITE SECURITY: PART III – Optimizing for WordPress

By Tony Perez | December 13, 2018

The previous OSSEC articles went through through the process of installing OSSEC and deploying a distributed architecture. This article will focus on configuring OSSEC to make better sense of WordPress activity. WordPress is a powerful open-source Content Management System (CMS). Its biggest security weakness has always been its biggest blessing – its extensibility (e.g., plugin,…

OSSEC For Website Security: PART II – Distributed Architectures Using Agents and Managers

By Tony Perez | November 30, 2018

This article assumes you already have OSSEC deployed. If you need a refresher, refer to the Part I of OSSEC for website security, written March 2013. OSSEC is popular open-source Host Intrusion Detection System (HIDS). It was founded by Daniel Cid, and currently maintained by a very large community of security professionals. Please note that…

How HTTPS Works – Let’s Establish a Secure Connection

By Tony Perez | October 28, 2018

The need to use HTTPS on your website has been spearheaded by Google for years (since 2014), and in 2018 we saw massive improvements as more of the web became encrypted by default. Google now reports that 94% of its traffic on the web is now encrypted. What exactly does HTTPS mean though? And how…

Automattic’s Push into Managed WordPress and It’s Potential Impacts to the Hosting Ecosystem

By Tony Perez | August 7, 2017 |

The Managed WordPress ecosystem welcomes a new entrant – Automattic. Today they officially announced that WordPress.com Business now supports plugins and third-party themes. I am fascinated by the move because I believe it to be an obvious impact to the Managed WordPress ecosystem. In the interest of full disclosure, I work in the security division…

VPS vs Shared Hosting – Which is more secure?

By Tony Perez | August 19, 2015

The world of hosting is complex, it’s further complicated when you throw security into the mix. A few months back I wrote an article on the delicate line between where the hosts security responsibility begins, and where yours, as the website owner, is required. That however did not address one key question – Which hosting…

OSSEC: Stop Agent Email Notifications from Being Grouped

By Tony Perez | August 22, 2013

This a quick post, for those of you that manage multiple agents under your manager, there might be instances where your email notifications will group different agent notifications together. This has to do with two things: Number of emails sent in an hour Grouping setting is On Default Max Emails By default, OSSEC has a…