Lord Your glory is so obviously displayed and reflected in the power exhibited within creation. The floods lift up their roaring, the sea cries out Your name, the hills bear prosperity for all of us to enjoy, the lightning lights up the world so as to put on display your infinite power and knowledge. Yet Lord, your glory is displayed in its highest and surest regard in Your intentional pursuit and giving of Yourself to weakness resulting in unfathomable suffering. At the cross we see displayed what it took for you to make us Your own, what it took for our sins to be abolished, along with its due penalty: it took the God of the universe becoming nothing, taking the form of a bondservant, being nailed to a cross along with the record of debt that stood against us and bearing the curse due to us because of our lawlessness. Lord what kind of love is this that would move You to take regard of those who have betrayed your glory? And yet that is Your heart, to make rebels Your own children, to make us Your children. You were willing to be cut off from the land of the living that we might be brought in to paradise, to be cursed that we might be blessed, to be stripped of all that we might be clothed in your pure robe of righteousness. Lord help our unbelief. Heal our pride and our self-inflation by looking to that cross. Help our frail state and weakness, and would you shine forth in it to give us Your strength, the very strength of the Spirit that raised Christ from the dead. Would You give to us the gift of humbly walking in the reality of what we already are: Your justified, accepted, rejoiced-over children, and find our ultimate identity in this over the identities the world presses in and would have for us. Lord may we find our ultimate hope and joy and rejoicing in Your rejoicing over us.
Month: March 2019
After working through a number of WordPress sites over the years and either preventing hack attempts or intervening in cleaning up hacked sites, I’ve “engineered” a free way to keep your site secure with the use of these plugins in conjunction:
- iQ Block Country: This plugin will prevent certain countries that you set from accessing either the front-end of your site, or (in the cases I use it for almost exclusively) the back-end. For the purposes of the sites I manage, I block all except the United States on the back-end and leave the front-end open to all.
- Jetpack: this is a great plugin to utilize anyway just for stats collection, image/CDN offloading, but included within this plugin is the ability to turn on brute force login protection. Another very helpful prevent if these other tools don’t catch something.
- WordFence: this free tool (that actually does have a subscription service for even better protection) is a web application firewall for use directly within WordPress. One of the big things it prevents are brute force login attacks, XSS attacks and SQL injection attacks, amongst others. Now, a web app firewall (like ModSecurity or some other hardware appliance like a Barricuda or Cisco firewall) in front of the application itself would work even better at preventing attacks before they even got to your WordPress site (if setup correctly), but can be quite advanced to install and configure. Regardless, this plugin is a great way to keep those kinds of attacks at bay.
- Invisible reCaptcha: this utilizes the newer version 3 of Google’s reCaptcha to prevent automated bots from either spamming the comment sections of your posts or pages or from brute force attempts to login to your site as admin.
None of these methods are fool proof from attacks getting through some other threat vector, but I’ve found this to catch quite a bit of junk on all the sites I’ve set them up on.
And one last thing: make sure and secure your site with SSL?!? 🙂
In the course of attempting to find a good, fast solution to running backups from my Linux server to my laptop for all the important stuff, I worked through the ability to run rsync on my Windows laptop using the cygwin environment, bash scripts and scheduling the backups to run in Task Scheduler. Here’s a run down of the steps I went through:
The following commands enable, follow in real-time and disable the querylog entries for when you’re trying to troubleshoot or watch the connection.
1. Enable: sudo rndc querylog
2. Follow: sudo journalctl -f
3. Disable: sudo rndc querylog