Get CMS Security Handbook: The Comprehensive Guide for WordPress®, Joomla!®, Drupal™, and Plone® now with O’Reilly online learning.
O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.
Chapter 1 Introduction to CMS Security and Operations
Educating Your Employees and End Users
Raising Security Awareness
Training on Information Security Policies
Providing a Standard Protocol for Threat Reporting
Ensuring E-mail Security
Applying Patches and Updates
Being Aware and Staying Safe
Looking at Your Site Through the Eyes of a Hacker
Steps to Gaining Access to Your Site
Using Google Hacking Tools (Dorks)
Using NMAP for Nefarious Means
Attacking and Owning the Site
Wiping Out Their Tracks
Examples of Threats
Calling into Your Office
Sending in a Trusted Friend
Using USB Keys
Indiscriminate Browsing or Instant Messaging
Vendors or External Clients/Customers as the Threat
Reviewing Your Perimeter
Using Virus Protection
Banning Passwords on Desks
Enforcing a Password Complexity and Change Policy
Policing Open Wireless
Tools for Wireless Detection
How Will You Respond to an Incident?
Does Your Plan Exist?
Is the Plan Up to Date?
Where Are Your Backup Tapes, Disks, and USBs?
Chapter 2 Choosing the Right Hosting Company
Types of Hosting Available
Virtual Private Server (VPS)
Security of Data in a Cloud
Selecting the Right Hosting Option
Determining the Appropriate Server Size
Case 1: Light Website Traffic (Shared Hosting) ...