Comments on: How to protect WordPress blog from hackers http://segala.com/blog/how-to-protect-wordpress-blog-from-hackers/ Enabling a Reliable, Consistent and Trusted Experience Sat, 22 Nov 2008 01:35:12 +0000 http://wordpress.org/?v=2.6.2 By: Kamrul http://segala.com/blog/how-to-protect-wordpress-blog-from-hackers/#comment-225446 Kamrul Mon, 10 Dec 2007 11:12:16 +0000 http://segala.com/blog/how-to-protect-wordpress-blog-from-hackers/#comment-225446 Cheers Mike for the tip, that Jail new for me. I was familiar with Chroot though, used it in several occasion. Have to look into that Jail. Virtual filesystem becoming increasingly popular and necessary every minute. Cheers Mike for the tip, that Jail new for me. I was familiar with Chroot though, used it in several occasion. Have to look into that Jail.

Virtual filesystem becoming increasingly popular and necessary every minute.

]]> By: Mike http://segala.com/blog/how-to-protect-wordpress-blog-from-hackers/#comment-225407 Mike Mon, 10 Dec 2007 10:25:59 +0000 http://segala.com/blog/how-to-protect-wordpress-blog-from-hackers/#comment-225407 Thanks Kamrul - I should have been a little clearer by writing a "FreeBSD Jail" (http://en.wikipedia.org/wiki/FreeBSD_jail) or on other flavours of Unix a chroot (http://en.wikipedia.org/wiki/Chroot). Chroot and Jail are not the exact same thing. A chroot setup creates a virtual filesystem. For example if your website was running in /var/www/segala and you have chrooted the web server to /segala then the web server program (and any programs run by the webserver ) think that /segala is the top level directory on your filesystem. A Jail is more powerful and can be used to create virtual machines that are kept separate from each other. Thanks Kamrul - I should have been a little clearer by writing a “FreeBSD Jail” (http://en.wikipedia.org/wiki/FreeBSD_jail) or on other flavours of Unix a chroot (http://en.wikipedia.org/wiki/Chroot).

Chroot and Jail are not the exact same thing.

A chroot setup creates a virtual filesystem. For example if your website was running in /var/www/segala and you have chrooted the web server to /segala then the web server program (and any programs run by the webserver ) think that /segala is the top level directory on your filesystem.

A Jail is more powerful and can be used to create virtual machines that are kept separate from each other.

]]> By: Kamrul http://segala.com/blog/how-to-protect-wordpress-blog-from-hackers/#comment-225078 Kamrul Mon, 10 Dec 2007 03:27:56 +0000 http://segala.com/blog/how-to-protect-wordpress-blog-from-hackers/#comment-225078 Good one Mike, though I won’t exactly call it a jail  perhaps secured facility sounds better. PHP's include is just one of the many ways to do that. But first of all we need awareness and full understanding of file permission Good one Mike, though I won’t exactly call it a jail  perhaps secured facility sounds better.

PHP’s include is just one of the many ways to do that. But first of all we need awareness and full understanding of file permission

]]> By: Mike http://segala.com/blog/how-to-protect-wordpress-blog-from-hackers/#comment-224072 Mike Sun, 09 Dec 2007 12:59:02 +0000 http://segala.com/blog/how-to-protect-wordpress-blog-from-hackers/#comment-224072 Also if you can: - Have your webserver and database running in a chroot / jail. Then even if someone gets into your server they face a significant barrier to doing more damage. - The ownership of files on the webserver and the process the webserver runs on should be different. Also makes its harder for a hacker to do more damage even if they do break in. Also if you can:

- Have your webserver and database running in a chroot / jail. Then even if someone gets into your server they face a significant barrier to doing more damage.

- The ownership of files on the webserver and the process the webserver runs on should be different. Also makes its harder for a hacker to do more damage even if they do break in.

]]>