{ 2 comments… read them below or add one }

will December 10, 2012 at 6:17 am

One of the best ways to secure the login process, which you see or hear little of for some strange reason, is to force SSL during login and admin usage. It seems really obvious, but no one does it. Even using a shared SSL certificate would be helpful.


Cyrus December 10, 2012 at 11:01 am

Yes. You could do that. I personally use IP based protection through Nginx. Never had anyone hack through my login or admin page but it is not 100% bulletproof either.


Leave a Comment

Previous post:

Next post: