Articles

Automatic Package Updates

ServerPilot automates daily updates of your Ubuntu server's installed .deb packages. This...
Firewall Rules

ServerPilot enables an iptables firewall on your server. The firewall allows only the following...
Guide to PCI Compliance

Introduction The Payment Card Industry (PCI) Data Security Standard is an information security...
How to Allow IP Addresses with a .htaccess File

If you wish to only allow specific addresses to access an app, you can add the following to your...
How to Block Brute Force Attacks in WordPress

A brute force attack on WordPress occurs when an attacker attempts to log in to WordPress by...
How to Block IP Addresses with .htaccess

If you suspect you are under attack from a specific IP address, you can block it from accessing...
How to Block IPs with CloudFlare

If you use CloudFlare for your site, you can change your settings to block visitors by IP range....
How to Check WordPress Plugins and Themes for Vulnerabilities

Vulnerable plugins and themes are the leading causes of WordPress compromises. To ensure the...
How to Configure Protect in WordPress

Protect is a key part of WordPress's Jetpack plugin that helps block brute force attacks against...
How to Create a Strong Password

The strength of your password is one of the most important factors in determining the ability of...
How to Customize Your Server's Firewall

If you need your server's firewall rules to be different than the firewall rules configured by...
How to Disable SSH Password Authentication

As long as you use strong passwords, it is not necessary to disable SSH password authentication...
How to Disable TLS 1.0

If you disable TLS 1.0, some browsers will not be able to access your apps over HTTPS. See...
How to Enable Cross-Origin Resource Sharing (CORS)

By default, web browsers do not allow websites to make cross-origin requests in certain...
How to Enable HTTP Strict Transport Security (HSTS)

HTTP Strict Transport Security (HSTS) is a security mechanism in which a website tells the...
How to Enable SSH Password Authentication

SFTP is a protocol that runs over SSH, so this means SFTP using passwords will not work by...
How to Force SSL by Redirecting HTTP to HTTPS

Once you have enabled SSL on your site, ServerPilot makes it easy to redirect all plain HTTP...
How to Install and Configure the Wordfence Plugin for WordPress

Wordfence Security is a free plugin for WordPress that includes a web application firewall, virus...
How to Password Protect a Directory

If you want to limit access to one of your apps, you can place password protection on it using a...
How to Password Protect a Single File

You can give limited access to a single file on your server by using a .htaccess file, similar to...
How to Reset the Firewall

If you have customized your firewall, you can easily reset it back to ServerPilot's default...
How to Stop Spam Comments on WordPress with Akismet

Just like the unwanted messages in your email inbox, comment spam consists of unsolicited...
How to Use CloudFlare with ServerPilot

For additional security from online threats to your site, CloudFlare is a popular—and...
How to Use CloudFlare with WordPress

The CloudFlare plugin works in tandem with Akismet to filter spam comments on your WordPress...
How to Use NinjaFirewall for WordPress

NinjaFirewall is a stand-alone web application firewall that stands between your WordPress site...
What Is SSL?

Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), are protocols used...
Why You Should Not Install mod_cloudflare

If you use CloudFlare, you should not install mod_cloudflare. In fact, there's nothing you need...