Mounting /proc with hidepid under Ubuntu

On most Linux systems, anyone can see everyone else’s processes, running commands, and so on. This can be achieved by simply issuing a ps ax or similar. The same applies to the process monitor command “top”. In certain circumstances, you may want to avoid this. …

Read more

Fail2WP for WordPress updated to 1.1.0

Fail2WP for WordPress 1.1.0 has been released with fixes, new functionality, and verified compatibility with WordPress 5.7. The updated version is available via the WordPress Plugin repository and Fail2WP provides security functionality for WordPress sites and plays nicely with Fail2ban and Cloudflare too 🙂 …

Read more

Apache goodies for WordPress security

The list of things to do to harden a WordPress site with Apache is long, but some things that could be done include: FileETag None <Files wp-config.php> Require all denied </Files> <Files xmlrpc.php> Require all denied </Files> <LocationMatch “/wp-content/uploads/.*(?i)\.php$”> Require all denied </LocationMatch>