Prev: New functional language - Fling
Next: Rado Integral Ladies Watch R20339712
From: Ignoramus25096 on 14 May 2010 22:42
On 2010-05-15, Sam <sam(a)email-scan.com> wrote:
> So, from the Internet, only those URLs that pull static content off the blog
> will work. URLs for the login page, etc, will not be accessible.

This is also a very good idea.

i
From: Sam on 14 May 2010 23:09
Ignoramus25096 writes:

>
> Maybe I should block any access to
>
> http://firstname.lastname.com/blog/wp-admin/
>
> to anything except localhost and our home LAN?
>
> Would that be sufficient?

From a security standpoint, the correct approach is the reverse: block
everything, then allow only those URLs that you've verified retrieve only
the static content.

Start by blocking everything except the home page, the stylesheet, and any
javascript files. Load the home page, look for the links that navigate to
the next/previous blog entries. Allow those. Keep looking and expanding the
list of allowed URLs until you feel that sufficient amount of content is
reachable over the Internet, and all of is static data.


First  |  Prev  | 
Pages: 1 2
Prev: New functional language - Fling
Next: Rado Integral Ladies Watch R20339712