What are 4 important security measures for Windows Server & IIS?

When you have just installed your new Windows Server, with or without IIS as web server, it is important to take a few extra security measurements. Securing your server is important to keep hackers out and your data safe. This article shows 3 4 key steps in securing your Windows Server web (IIS) or file server.

Read More »What are 4 important security measures for Windows Server & IIS?

How to disable SMBv1 in Windows 10 and Windows Server

Disable SMBv1 to prevent prevent Petya / NotPetya, WannaCry / WanaCrypt0r ransomware spreading through your network. These worm viruses exploit a vulnerability in Windows Server Message Block (SMB) version 1 (SMBv1), and spread like wildfire. It is urged you disable SMBv1 in your Windows variant (Windows 10, 8.1, Server 2016, 2012 R2), and here is how if you haven’t done so yet.

Read More »How to disable SMBv1 in Windows 10 and Windows Server

Check WordPress Core files integrity

Verify WordPress Core files md5 checksums against WordPress’ checksums API, using this standalone PHP file. I chose to use a standalone PHP script to check the md5sum of WordPress Core files against the API so you’re not dependent on a possibly hacked WordPress installation. This kind of guarantees the result can be trusted, as opposed to using a WordPress plugin. I think this is a better integrity check of WordPress Core files.

Read More »Check WordPress Core files integrity

Enable NTFS long paths in Windows Server 2016 and 2019 by Group Policy

Windows Server 2016 was finally released last week, meaning we can finally lift the idiotic 260 characters limitation for NTFS paths. In this post I’ll show you how to configure the Enable Win32 long paths setting for the NTFS file system, through Group Policy (a GPO). Also for Windows Server 2019.

Read More »Enable NTFS long paths in Windows Server 2016 and 2019 by Group Policy

Clear PHP opcode caches before WordPress Updates: ease the updating process

In various hosting environments, WordPress core-, plugin- and theme updates sometimes fail because of enabled opcode caches. Popular PHP opcode caches are OPcache, WinCache and APC. This little WordPress Must Use Plugin tries to flush opcode caches. Making your live a bit easier when updating WordPress Core, Plugins and Themes.

Read More »Clear PHP opcode caches before WordPress Updates: ease the updating process

Benchmarking WordPress, simple load & speed testing with ApacheBench

WordPress load testing with ApacheBench.

ab is a small benchmark utility that comes with Apache. It’s a really simple HTTP load generating tool, ideal for a simple WordPress load & speed test. How fast does your WordPress site respond? How many HTTP requests per second can your server handle? These are questions on which ab can shed some light.

Read More »Benchmarking WordPress, simple load & speed testing with ApacheBench

Intrusion Detection with Windows Event ID’s

Found via cyber-ir.com: This paper is the best I have ever read on how to build IOC’s with Windows Event ID’s. I highly recommend you to read it, it contains very useful information and some very interesting behavioural examples of attacker activity. If you are looking to enhance your detection in your core network this is the document!

Read More »Intrusion Detection with Windows Event ID’s