• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
WP Minder logo

WP Minder

  • WordPress Care Plans
    • Basic Care Plan
    • Advanced Care Plan
    • Premium Care Plan
    • Care Plans for Agencies
    • Compare Care Plans
  • FAQ
  • Blog
  • About
  • Contact
  • Find A Care Plan
  • Log In

firewall

Weekly Links Roundup – SEO Title, Membership Plugins, Security Plugins, Firewalls

February 9, 2018 by Debbie Campbell Leave a Comment

This week’s WordPress and web marketing links.

What’s the difference between the post title and the SEO title? Ever asked that question? Here’s a definitive explanation from Yoast.

If you’re thinking about creating a WordPress-based membership site, this is the post for you! Here’s a roundup of 15 of the top membership plugins to handle subscriptions, membership tiers and levels, payments, content restrictions and more. Personally I’m a big fan of MemberPress (which I use to run WP Minder’s membership program) – it should definitely be on this list too.

Wordfence has been my security plugin of choice for several years, but their recent redesign and changes in functionality leave a lot to be desired. Another good option is Sucuri – here’s a comparison of Wordfence and Sucuri.

While we’re on the topic of security, here’s a very fresh review of the top WordPress security plugins and services for 2018.

Let’s wander just a bit further down the security road and look at firewalls for WordPress. Best in class is Sucuri’s Web Application Firewall (which is included in WP Minder Small Business and higher plans). My experience with Sitelock support on behalf of clients was very poor and I cannot recommend them. If you want the most secure firewall for your business site and are not using managed WordPress hosting like our recommended partner WP Engine, Sucuri is the one to look at.

 

Filed Under: Security, SEO, WordPress Plugins Tagged With: firewall, membership plugins, security, seo title, sucuri, wordfence

A Quick Look at the Security Settings for Sucuri Firewall for the Non-Geek

October 6, 2016 by Debbie Campbell Leave a Comment

A lot of my clients opt to use the excellent Sucuri Web Application Firewall (WAF) with their Small Business, Business or Premium Plans. Just yesterday I had a new client request we set up a call to talk about the security options before turning on the firewall on his account. I think that’s an excellent idea (one most clients don’t inquire about) and as a result, I’m writing this post to help me get the details into an easy-to-understand format.

So here we go… first, the Sucuri WAF acts like a barrier between your site visitors and your website. It has two modes – High and Paranoid. What Sucuri says about High:

It will enable all our default security checks to prevent SQL injections, Cross site scripting, RFI, LFI, security scanners and a myriad of attacks from ever reaching your site. It will also enable our Virtual patching so if you are ever using an outdated software, it can’t be used to hack your site.

‘Paranoid’ does all that and also prevents anyone from POSTing anything to your site (it’s also called ‘lockdown mode’ ).

Some of the advanced options are a bit confusing, so here’s an attempt at simplification…

  • Restrict the admin panel to whitelisted IP addresses – this is great if you’re not running a membership or ecommerce site where you allow visitors to sign up and login. Basically, you supply a list of IP addresses for legitimate backend users. You can get a URL that will instantly add the user’s IP address to the whitelist (distribute this with care).
  • XMLRPC, Comments and Trackbacks blocked – if you don’t allow comments or use an external comment system like Disqus, turn this on. It will block any comment attempts.
  • Stop upload of PHP or executable content – as long as you don’t allow uploads of scripts or code, turn this on. It will block those attempting to load scripts on your site.
  • Enable Emergency DDoS protection – if your site’s experiencing a DDoS attack you can turn this on temporarily, it prevents anyone not using Javascript from reaching your site.
  • Block anonymous proxies and the top three attack countries (China, Russia and Turkey) – if your logs show repeated visits from these three countries, turn this on (unless of course you sell to or are in these countries). Visitors from them can see all content but can’t create an account or login.

Other things you can do with WAF security settings:

  • Protect individual pages with a password or 2-factor authentication (like mobile phone authentication).
  • Block visitors from specific countries. You can allow them to view content but not login or post, or can prevent them from seeing the site at all.

All WP Minder Plans except the Starter Plan include Sucuri Antivirus for malware scanning and the option to use Sucuri WAF. To learn more about what WAF does, check out this page.

And for an honest review of Sucuri and its services included WAF, take a look here. I really like Sucuri, I use them myself for my own sites and feel very good about offering it to clients as an integral part of my WordPress maintenance services.

Filed Under: Security Tagged With: firewall, sucuri

New Security Features for WP Minder Plans!

February 20, 2016 by Debbie Campbell Leave a Comment

Keeping your site safe!Our Small Business, Business and Premium Plans now come with additional security features from Sucuri.

Our malware monitoring is the same as before – your site is scanned continuously for malware and hacks, plus your site is checked against the biggest blacklists. Cleanup of malware and removal from blacklists continue to be key features.

The new offering we’re now including is Sucuri’s CloudProxy Firewall. Having a firewall in place lessens the likelihood of being hacked in the first place! The firewall protects against:

  • Brute force attacks (an antiquated attack that involves trying all possible combinations of usernames and passwords against your login page)
  • DDoS attacks which throw 10x, 100x or 100,000x more traffic at your site than normal
  • Exploits of insecure code, including Zero Day vulnerabilities

A side benefit of the cloud-based firewall is an included CDN (content delivery network). The CDN can dramatically increase performance as your site files are stored in high-performance servers worldwide – users access the files closest to them, which means faster loading times.

The CDN is highly configurable; you can choose to exclude specific directories, minimize the caching time to just a few minutes, or not use it at all. You’ll have the ability to clear the cache at any time.

Filed Under: News Tagged With: cdn, firewall, malware, security, sucuri

Primary Sidebar

Categories

  • About WordPress
  • About WP Minder
  • Blogging
  • Design
  • Ecommerce
  • Hosting
  • Legal Issues
  • Maintaining WordPress
  • Managing Content
  • Maximizing Your Business Website
  • Monetizing WordPress
  • Multisite
  • News
  • Online Marketing
    • Email Marketing
    • Podcasting
    • Social Media
  • Performance
  • Privacy
  • Productivity
  • Resources
  • Security
  • SEO
  • User Experience
  • WordPress Plugins
  • WordPress Problems
  • WordPress Themes
  • WordPress Tutorials

Footer

iubenda Certified Bronze Partner
Cloudways Agency Partner

From the Blog

  • WordPress 6.0 Due Out Today

  • Excluding WooCommerce Pages from Caching

  • The Latest US Privacy Law News

Latest WordPress Security Alerts

  • The Importance of Website Logs
    on August 11, 2022
  • Fake Instagram Verification & Twitter Badge Phishing
    on August 9, 2022
  • How to Create Secure Passwords for Your Website in 6 Easy Steps
    on August 4, 2022
© Copyright 2022 WP Minder · All Rights Reserved · Privacy · Terms · Affiliates
We use cookies on our site to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept," you consent to the use of ALL cookies.
.
Manage Cookies >Accept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
Powered by CookieYes Logo
WP Minder logo
  • WordPress Care Plans
    • Basic Care Plan
    • Advanced Care Plan
    • Premium Care Plan
    • Care Plans for Agencies
    • Compare Care Plans
  • FAQ
  • Blog
  • About
  • Contact
  • Find A Care Plan
  • Log In