References
-
4.11. checking integrity with aide Red Hat Enterprise Linux 7. (n.d.). Retrieved from Red Hat Customer Portal: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-using-aide#doc-wrapper
-
antirez. (n.d.). Hping network tool. Retrieved from GitHub: https://github.com/antirez/hping
-
Balkhi, S. (2023, June 6). How to add HTTP security headers in WordPress (Beginner's Guide). Retrieved from WPBeginner: https://www.wpbeginner.com/beginners-guide/how-to-add-http-security-headers-in-wordpress/
-
Balkhi, S. (2023, October 17). How to Disable PHP Execution in Certain WordPress Directories. Retrieved from wpbeginner: https://www.wpbeginner.com/wp-tutorials/how-to-disable-php-execution-in-certain-wordpress-directories/
-
Balkhi, S. (2023, August 22). The Ultimate Wordpress Security Guide - Step by step. Retrieved from WPBeginner: https://www.wpbeginner.com/wordpress-security/
-
Best Practices - MariaDB Documentation. (n.d.). Retrieved from MariaDB Enterprise Server: https://mariadb.com/docs/xpand/deploy/best-practices/
-
BurpSuite Professional. (n.d.). Retrieved from PortSwigger: https://portswigger.net/burp/pro
-
Chapter 2. nagios core installation and Configuration Red Hat Ceph storage 4. (n.d.). Retrieved from Red Hat Customer Portal: https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/4/html/monitoring_ceph_with_nagios_guide/nagios-core-installation-and-configuration
-
Chipeta, C. (2023, February 7). What is HTTPS? how it works and why it's so important. Retrieved from UpGuard: https://www.upguard.com/blog/what-is-https
-
CloudFlare. (n.d.). What is IP spoofing? Retrieved from CloudFlare: https://www.cloudflare.com/learning/ddos/glossary/ip-spoofing/
-
CloudFlare. (n.d.). Why is HTTP not secure? | HTTP vs. HTTPS. Retrieved from CloudFlare: https://www.cloudflare.com/learning/ssl/why-is-http-not-secure/#:~:text=HTTPS%20is%20HTTP%20with%20encryption,far%20more%20secure%20than%20HTTP.
-
Cockpit Project. (n.d.). Retrieved from Cockpit Project: https://cockpit-project.org/
-
File Permissions and Sharing Files. (n.d.). Retrieved from University of Cambridge: https://www.maths.cam.ac.uk/computing/linux/unixinfo/perms#:~:text=644%20means%20you%20can%20read,users%20can%20only%20read%20it.
-
Gill, R. (2023, February 23). What is Open-Source Intelligence? Retrieved from SANS Institute: https://www.sans.org/blog/what-is-open-source-intelligence/#:~:text=Open%20Source%20Intelligence%20(OSINT)%20is,%2C%20and%20non%2Dgovernmental%20organizations.
-
Godley, J. (2023, September 10). WordPress.org. Retrieved from Redirection: https://wordpress.org/plugins/redirection/
-
Goldeneye: Kali linux tools. (2022, August 5). Retrieved from Kali Linux: https://www.kali.org/tools/goldeneye/
-
Hayes, D. (2022, September 18). How to Disable File Editing in the Admin Area of WordPress. Retrieved from WPSHOUT: https://wpshout.com/quick-guides/how-to-disable-file-editing-in-the-admin-area-of-wordpress/
-
Hess, K. (2023, January 12). Linux security: Protect your systems with fail2ban. Retrieved from Red Hat: https://www.redhat.com/sysadmin/protect-systems-fail2ban
-
IBM. (2023, October 16). Configuring the SSH Server. Retrieved from IBM: https://www.ibm.com/docs/en/ahts/4.4?topic=iu-configuring-ssh-server
-
IBM. (2023, April 28). Securing your SSH server. Retrieved from IBM Documentation: https://www.ibm.com/docs/en/aspera-fasp-proxy/1.4?topic=appendices-securing-your-ssh-server
-
Identify technologies on websites. (n.d.). Retrieved from Wappalyzer: https://www.wappalyzer.com/
-
Jackson, B. (2023, September 22). WordPress Security – 19 Steps to Lock Down Your Site. Retrieved from Kinsta: https://kinsta.com/blog/wordpress-security/
-
Jarrod. (2016, September 21). How to enable or Disable SELinux in Centos/RHEL 7. Retrieved from RootUsers: https://www.rootusers.com/how-to-enable-or-disable-selinux-in-centos-rhel-7/
-
Kaspersky. (2023, August 29). What is an SSL certificate – Definition and Explanation. Retrieved from kaspersky: https://usa.kaspersky.com/resource-center/definitions/what-is-a-ssl-certificate
-
Kili, A. (2017, December 1). 12 MySQL/MariaDB Security Best Practices for Linux. Retrieved from TecMint: https://www.tecmint.com/mysql-mariadb-security-best-practices-for-linux/
-
kingthorin. (n.d.). SQL Injection. Retrieved from OWASP Foundation: https://owasp.org/www-community/attacks/SQL_Injection
-
Linuxize. (2020, 6 June). Creating a self-signed SSL Certificate. Retrieved from Linuxize: https://linuxize.com/post/creating-a-self-signed-ssl-certificate/
-
ManageEngine. (n.d.). Common cyberattacks to look out for. Retrieved from ManageEngine: https://www.manageengine.com/log-management/cyber-security-attacks/common-types-of-cyber-attacks.html
-
Nmap. (n.d.). Retrieved from Nmap: https://nmap.org/
-
OpenVAS Greenbone. (n.d.). Retrieved from OpenVAS: https://www.openvas.org/
-
Overview of red hat subscription management. (2018, May 3). Retrieved from Red Hat Customer Portal: https://access.redhat.com/articles/143253
-
Red Hat. (2022, June 17). How to register and subscribe a RHEL system to the Red Hat Customer Portal using Red Hat Subscription-Manager? Retrieved from Red Hat Customer Portal: https://access.redhat.com/solutions/253273
-
Red Hat. (2023, September 29). How to upgrade from PHP 7.x to PHP 8.0 in Red Hat Enterprise Linux 8? Retrieved from Red Hat Customer Portal: https://access.redhat.com/solutions/6082961
-
Sqlmap®. (n.d.). Retrieved from sqlmap: https://sqlmap.org/
-
subscription-manager(8) - Linux man page. (n.d.). Retrieved from die.net: https://linux.die.net/man/8/subscription-manager
-
The Apache Software Foundation. (2023). Apache HTTP Server 2.4 vulnerabilities. Retrieved from Apache HTTP Server Project: https://httpd.apache.org/security/vulnerabilities_24.html
-
Tib3rius. (n.d.). AutoRecon. Retrieved from GitHub: https://github.com/Tib3rius/AutoRecon
-
Vanhauser-THC. (n.d.). Hydra. Retrieved from GitHub: https://github.com/vanhauser-thc/thc-hydra
-
What is a brute force attack?: Definition, Types & How It Works. (n.d.). Retrieved from Fortinet: https://www.fortinet.com/resources/cyberglossary/brute-force-attack
-
What is a denial-of-service (DOS) attack? (n.d.). Retrieved from CloudFlare: https://www.cloudflare.com/learning/ddos/glossary/denial-of-service/
-
Whitham, O. (2022, February 2). How & why you should remove unused WordPress plugins. Retrieved from WP Engine: https://wpengine.com/resources/removing-unused-wordpress-plugins/
-
Wireshark · go deep. (n.d.). Retrieved from Wireshark: https://wireshark.org/
-
Wordfence Premium. (n.d.). Retrieved from Wordfence: https://www.wordfence.com/products/wordfence-premium/
-
WP Hide & Security Enhancer. (2023, October 30). Retrieved from WordPress: https://wordpress.org/plugins/wp-hide-security-enhancer/
-
WPScan. (n.d.). Retrieved from WPScan: https://wpscan.com/
-
Penetration testing and ethical hacking linux distribution. (2023, November 17). Retrieved from Kali Linux: https://www.kali.org/
-
Parrot Security. (n.d.). Retrieved from Parrot Security: https://www.parrotsec.org/