The previous OSSEC articles went through through the process of installing OSSEC and deploying a distributed architecture. This article will focus on configuring OSSEC to make better sense of WordPress activity. WordPress is a powerful open-source Content Management System (CMS). Its biggest security weakness has always been its biggest blessing – its extensibility (e.g., plugin,…

Read More

How HTTPS Works – Let’s Establish a Secure Connection

The need to use HTTPS on your website has been spearheaded by Google for years (since 2014), and in 2018 we saw massive improvements as more of the web became encrypted by default. Google now reports that 94% of its traffic on the web is now encrypted. What exactly does HTTPS mean though? And how…

Read More

Automattic’s Push into Managed WordPress and It’s Potential Impacts to the Hosting Ecosystem

The Managed WordPress ecosystem welcomes a new entrant – Automattic. Today they officially announced that WordPress.com Business now supports plugins and third-party themes. I am fascinated by the move because I believe it to be an obvious impact to the Managed WordPress ecosystem.  In the interest of full disclosure, I work in the security division…

Read More

VPS vs Shared Hosting – Which is more secure?

Website Servers

The world of hosting is complex, it’s further complicated when you throw security into the mix. A few months back I wrote an article on the delicate line between where the hosts security responsibility begins, and where yours, as the website owner, is required. That however did not address one key question – Which hosting…

Read More

OSSEC: Stop Agent Email Notifications from Being Grouped


This a quick post, for those of you that manage multiple agents under your manager, there might be instances where your email notifications will group different agent notifications together. This has to do with two things: Number of emails sent in an hour Grouping setting is On Default Max Emails By default, OSSEC has a…

Read More