{"id":15954,"date":"2020-07-11T03:38:34","date_gmt":"2020-07-11T03:38:34","guid":{"rendered":"https:\/\/blog.taragana.com\/?p=15954"},"modified":"2020-07-11T03:38:34","modified_gmt":"2020-07-11T03:38:34","slug":"how-i-protect-admin-interface-of-this-wordpress-blog","status":"publish","type":"post","link":"https:\/\/blog.taragana.com\/how-i-protect-admin-interface-of-this-wordpress-blog-15954","title":{"rendered":"How I protect admin interface of this WordPress blog"},"content":{"rendered":"\n

<p>One of the easiest ways to attack a WordPress blog is by targeting some script of the admin interface or by a brute-force attack, and it has been found that having a good password is not enough. I take two additional steps to protect my admin interface from even the most determined hacker while allowing access to the editors and authors.<\/p>\n\n\n\n

<p>The first step is to enforce a password at the proxy (<code>haproxy<\/code>) level. This is in addition to the regular WordPress password and forms a gateway before the WordPress admin can be accessed. Only the authors and editors know this password. Now, I could have made it different for everyone, but it is not worth it. I chose a strong password. However, even this may not be enough.<\/p>\n\n\n\n

<p>My WordPress interface is not even visible to a regular user, and the server gives <code>500 Internal Server Error<\/code> as it truly doesn’t exist. Only with a magic incantation, and by that I mean by setting an HTTP parameter, is the admin interface accessible.<\/p>\n\n\n\n

<p>Other than the admin interface, the rest of this blog is just static pages. That makes it very fast and completely secure.<\/p>\n","protected":false},"excerpt":{"rendered":"

<p>One of the easiest ways to attack a WordPress blog is by targeting some script of the admin interface or by a brute-force attack, and it has been found that having a good password is not enough. I take two additional steps to protect my admin interface from even the most determined hacker while allowing access to […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[12],"tags":[178],"_links":{"self":[{"href":"https:\/\/blog.taragana.com\/wp-json\/wp\/v2\/posts\/15954"}],"collection":[{"href":"https:\/\/blog.taragana.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.taragana.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.taragana.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.taragana.com\/wp-json\/wp\/v2\/comments?post=15954"}],"version-history":[{"count":1,"href":"https:\/\/blog.taragana.com\/wp-json\/wp\/v2\/posts\/15954\/revisions"}],"predecessor-version":[{"id":15955,"href":"https:\/\/blog.taragana.com\/wp-json\/wp\/v2\/posts\/15954\/revisions\/15955"}],"wp:attachment":[{"href":"https:\/\/blog.taragana.com\/wp-json\/wp\/v2\/media?parent=15954"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.taragana.com\/wp-json\/wp\/v2\/categories?post=15954"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.taragana.com\/wp-json\/wp\/v2\/tags?post=15954"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}