Advertisement

NEW CGI Directory

Home Guides General Information Article

Managing DNS For Better Wordpress Security

Page Visited Visited: 2478
Not rated
Rate:

Harry Trott
November 29, 2016


Harry Trott
Harry Trott has written 1 articles for DomainInformer.
View all articles by Harry Trott...

A little more than a quarter of the top 10 million websites on the internet today use Wordpress. This figure should be radically higher if you take into account the entire internet ecosystem. Given the widespread use of Wordpress as a CMS, it is incumbent upon website managers to make sure that all aspects of their Wordpress website is secured against hackers and data thieves. This includes a number of Wordpress security best practices like disabling directory indexing, limiting the login attempts, disabling PHP file executions, to mention a few.

In this article however, we will specifically focus on a topic that has not been explored at length with respect to Wordpress websites - DNS management for Wordpress security.

DNS Hijacking

The biggest security threat from a DNS perspective is DNS hijacking. DNS, or Domain Name Server, is a sort of a directory that maps your website name (like google.com) to its server IP address (like 64.233.160.0). Malware scripts are capable to modifying this mapping so that when a user types a web address like google.com, they are instead redirected to another IP address with spammy ads or fake websites. This is called DNS hijacking and is not poses a threat to people who visit your website, it can also potentially impact the trust that your customers have for your business; not to mention that search engines like Google may drop your website from their search results because of this drop in credibility.

With Wordpress, you could pick from one of the several popular plugins to manage your DNS features better. Plugins like Wordfence Security are popular in this category and can, among other things, monitor your DNS for unauthorized changes and thus notify you in case of any hijacking attempts.

Protecting Subdomains

While website owners take good care of their content to secure their websites from DNS hijacking, very few businesses take equally good care of potential subdomain hacking. Hackers who gain entry into your DNS can create new subdomains that can be used to confuse potential visitors into thinking they are visiting the real site while in fact they are being redirected to a different site. For instance, hackers may send emails to potential victims with a link to payment.google.com - the visitor may assume it is part of Google.com while in fact it could be a hijacked subdomain.

The fix for this is quite simple though and is regarded a best practice. Instead of not attending to unused subdomains, configure them using a wildcard option and point them to your main IP address. This makes it possible to monitor them for any possible changes and thus fix any hijacking attempt whenever they are attempted.

Protecting Non-HTTP Content

There are a number of Wordpress plugins that can help you cache your static content to prevent downtimes. One of the most popular plugins is the WP Super Cache. A more secure way to do this is by using a dedicated Content Delivery Network (CDN). This way, your DNS is configured to point your website at the IP address of the CDN server instead of your own IP address. This way, visitors to your website do not get to reach your IP address to access content. This however does not work for non-HTTP content like FTP or SMTP. A plugin like WP Mail SMTP helps you configure your SMTP server to point at a third party server like Gmail or Zoho. This helps protect your own IP address from potential abuse.

               Hosting Bookmarks   


Submit Your Articles or Press ReleaseAdd comment (Comments: 0)  

Advertisement

Related Resources

Other Resources

arrow