Securing BLUDIT

Post Reply
quicklyweb
Jr. Bludit
Posts: 8
Joined: Wed Dec 16, 2020 12:32 pm

https://docs.bludit.com/en/security/bru ... protection
I have been looking at above documentation for best practices to secure BLUDIT instalation ie, renaming admin folder, removing admin user, brute force protection etc. But i also wanted to hear from other users about their practices to secure BLUDIT installation.
BLUDIT HOSTING QUICKLYWEBImage

SEE BLUDIT IN ACTION @ QUICKLYWEB
http://www.quicklyweb.com
Top
User avatar
Edi
Site Admin
Posts: 3121
Joined: Sun Aug 09, 2015 5:01 pm
Location: Zurich
Has thanked: 54 times
Been thanked: 77 times
Contact:
Contact Edi

You are a hoster... What do you recommend? ;)
Clickwork - Websites mit Bludit | Planet Bludit - Tipps und Snippets
Top
quicklyweb
Jr. Bludit
Posts: 8
Joined: Wed Dec 16, 2020 12:32 pm

From our point of view, documentation covers everything. But there is always someone who thinks outside the box and come up with a new idea. You can never be too secure :-) :mrgreen:
BLUDIT HOSTING QUICKLYWEBImage

SEE BLUDIT IN ACTION @ QUICKLYWEB
http://www.quicklyweb.com
Top
User avatar
Jay
Master Bludit
Posts: 133
Joined: Mon Feb 11, 2019 8:41 pm

Basically the most wanted option is to secure the website with ssl certificate and redirect incoming traffic from unsecured http to https protocol.
It opens couple additional possibilities like encrypting cookies, modifying headers by adding f.e. Content-Security-Policy. Also forcing HSTS is great for non technical users where added content or this hardcoded in templates isn't transferred through https.

Apart from securing own bludit instance it is a good practice to optimize it and fasten a bit. Keep-alive connection does its job. Also caching static files in browser's memory after finishing the website is advised.
Top
Post Reply

Return to “General”