0 votes
75 views
by Talented
I've seen in other questions people asking about the possibility of adding a firewall to webinoly, I think it would be very useful.

It is true that most VPS have a firewall but they basically have only rules to block and allow ports, ips, etc. No log, such as login attempts in ssh, is generated.

I do not know if I can quote other lemp stacks here but I use a well known one and every day I saw many login attempts by brute force, this was easy to solve by disabling password access, but I would never have discovered these attacks if it were not for the firewall logs.

Anyway, I think this could be considered and would make the webinoly the best and most complete lemp current pile.

Anyway, thank you very much for your work!

1 Answer

0 votes
by Expert

Hi fabianski,

To be honest, I will never install a firewall package when I have a better one that is external. Most of the cloud providers offers "SSH Keys" for authentication, so it has no sense having SSH logs, any other logs can be consulted using our "log" command.

And also, if you know a better tool than Webinoly, go with them. smiley

Thanks for your suggestion.

Regards.

by Talented
Thanks for answering.

I did not say there is another tool better than Webinoly, I just quoted the existence of one that has a firewal, I'm sorry.

I recently migrated to your stack and I'm only concerned about security, could you tell me what modifications you made to prevent attacks? like xss, http headers, etc. I've seen that there is an httpauth protection on the wordpress login page.

Thank you!
by Expert
We take security very seriously, but if you have a very sensitive site with high security requirements you should better hire a proffesional, security is a lot more complicated than just the LEMP stack, you should start by reviewing your cloud provider, infrastructure design and coding standars (plugins, themes, scripts, etc.).

Best regards.
Welcome to the Community site for Webinoly.

If you have a question about Webinoly, please ask in English or Spanish.

To report a bug, please ask a question here with the bug tag.

News: Now you can use any external SMTP service in your server. All the server outgoing emails from any of your websites will be sent through this service.

Donations

Webinoly Support Paypal Donations Webinoly Support Bitcoin Donations

Your regular donations is what keep this project moving forward. If you like Webinoly, buy me a coffee or a beer to show support.

Affiliate Links

It is very important that any visitor to the site read the disclaimer, terms of use and privacy and legal statement before start browsing.

...