Leveraging Web Security to Harden WordPress Security

As you might have already noticed, my new blog is powered by WordPress. When I chose to start a new blog and run it on WordPress, I started to look into WordPress security. There are already great posts about improving the security of your WordPress site (see, for example, this and this guide). There are also many posts describing various security plugins you should be installing.

All this information is critical – but it’s not enough. What about elementary web security practices? For example, leveraging security headers to protect your site? Or enabling security.txt so good hackers will know how to contact you, in case they find a vulnerability in your site?

Want to Write Good Code? Start Using Security Tests

I like to write code. I do it a lot, both professionally and for fun. Still, writing good code is a challenge. Writing code that is working, maintainable and secure is very hard to achieve. This is why we need automation – to spot the issues we missed. Tools like unit tests, code coverage or security tests can help detect various issues and help us write better code.

Let’s take an example. I’ve created a small sample app using .NET Core, my favorite language. I also created one container so we have something to play with.

Now it’s time to ask – does this code have security issues? Can I publish it to production?

You can try to answer this question by reading the code, or read along and learn what tools you can start using today to spot these issues.