Securing a WordPress installation

WordPress is the most popular blogging and CMS system on the Internet which makes it a favorite target for hackers. Having a WordPress site means that you have to take some extra efforts in order to protect your and your visitors data.

Here is a summary of the best practices for securing a WordPress, that will help you do that.

  • Keep your WordPress site and plugins up-to-date
  • Protect your WordPress Admin Area
  • Don’t use the “admin” username
  • Securing wp-admin
  • Add a Unique Database Prefix and Authentication Keys
  • Hide your username from the author archive URL
  • Limit Login Attempts
  • Secure accessing via FTP
  • Wise selection of themes/plugins
  • Ensure your computer is free of viruses and malware
  • Monitoring
  • Keep a backup Continue reading…

Installation Of PECL_HTTP extension from source code in custom PHP in Cloudlinux

 

Suppose that your linux server has PHP version selector installed and configured.

As you know alternative php5.x (while using PHP version selector) versions should load /opt/alt/php5x/etc/php.ini file and scan /opt/alt/php5x/etc/php.d directory for modules::

====
Configuration File (php.ini) Path /opt/alt/php5x/etc
Loaded Configuration File /opt/alt/php5x/etc/php.ini
Scan this dir for additional .ini files /opt/alt/php5x/etc/php.d
additional .ini files parsed /opt/alt/php5x/etc/php.d/alt_php.ini
====
Those are default locations for alt-php.

Steps in installing pecl http package in cloudlinux platform:

1. Download the pecl_http package from pecl website http://pecl.php.net/package/pecl_http and compile it.

#wget http://pecl.php.net/get/pecl_http-2.0.4.tgz

2. Extract the package
#tar -xvzf pecl_http-2.0.4.tgz

3. Now run the ‘phpsize’ command. The phpize command is used to prepare the build environment for a PHP extension

#phpize

4. Proceed with the installation of the module as below:

#./configure –with-php-config=/opt/alt/php53/usr/bin/php-config ;
# make && make install

Once the above steps are completed, the package pecl-http will be available in the server and we would need to load the extension.

Inorder to load the Http php extension, proceed as below:

1. Create a custom http.ini at location /opt/alt/php5x/etc/php.d.all and add the following lines inside that file:

#cd /opt/alt/php5x/etc/php.d.all

#vi http.ini

; Enable http extension module
extension=http.so

2. The module is loaded via /opt/alt/php53/etc/php.d in the cagefs. (CageFS is a virtualized file system and a set of tools to contain each user in its own ‘cage’. Each customer will have its own fully functional CageFS, with all the system files, tools, etc.)

The command cagefsctl –rebuild-alt-php-ini rebuilds customers alt_php.ini files,

# Cagefsctl –rebuild-alt-php-ini
The location of the file will be /opt/alt/php53/etc/php.d/alt_php.ini

4. Finally, inorder to enable the module, restart the webserver

#service httpd restart

5. Also ensure to enable our ‘http’ module from WHM as below:

1. Login to WHM and proceed to
Home >>Server Configuration>>CloudLinux LVE Manager

2. Select the ‘Selector’ tab

3. Enable the checkbox near the ‘http’ module, after selecting the appropriate PHP version from the drop down menu near ‘Choose default modules for’

Now the PHP-HTTP extension will be available for the PHP version 5.x and we could test the same by creating a sample phpinfo page in any account that uses the php5.x version.