Difference between revisions of "Educaship WordPress"

From CNM Wiki
(Security)
 
(56 intermediate revisions by 3 users not shown)
Line 1: Line 1:
[[CNM WordPress]] (hereinafter, the ''Soft'') is a [[CNM stable app]] built with [[WordPress]].
+
[[Educaship WordPress]] (formerly known as [[CNM Pageware]]; hereinafter, the ''Soft'') is a [[CNM stable app]] built with [[WordPress]].
  
Missing -- Documentation that describes the software in technical details at CNM Wiki and access details at CNM Repo.
+
Development of the ''Soft'' occurs under the [[WordPress for CNM Cloud]] project.
  
Development of the ''Soft'' occurs under the [[WordPress for CNM Cloud]] project.
 
  
 
==Product specification==
 
==Product specification==
Line 9: Line 8:
  
 
===Database system===
 
===Database system===
It deploys [[MariaDB]] as its database management system -- why?
+
<gallery mode="packed" heights="300px" style="float:right; clear:right; margin-right:1em; margin-left:0">
 +
  Terminal.png
 +
  Database_wp.png
 +
</gallery>
 +
: It deploys [[MariaDB]] as its database management system. [[MariaDB]] maintains full compatibility with [[MySQL]], retaining the same APIs, commands, and replacements. MariaDB has several optimizations that improve performance over MySQL. MariaDB often gives slightly better results due to its superior engine and efficient SQL query optimizer. Because you don't need to make any code or configuration changes during the transition, MariaDB acts as a replacement for MySQL. MariaDB implements high availability and scalability based on the Galeria cluster solution from Finnish provider Codership.
 +
 
 +
: MariaDB has become a standalone database management system through continuous development and has gained a significant advantage over MySQL which WordPress usually uses as a database management system.
 +
 
 +
:The databases are connected on the Admin Terminal. You can learn more about databases on the [[Educaship MariaDB]], [[Educaship PostgreSQL]]. You can manage and configure the WordPress data not only with the database system but also with the database files, which are also located in the Admin Terminal.
 +
 
 +
:Databases cannot be administered by a [[Educaship WordPress]] administrator. They must be administered by a system administrator who has access to the [[CNM Campus Farm]]. The [[Educaship WordPress]] administrator only administers the content on websites.
 +
 
 +
===Hosting===
 +
:Server for Educaship WordPress websites is hosted by [[Contabo]]. We don't use a separate server for Educaship WordPress, Educaship WordPress is on the server along with all the applications on [[CNM Campus Farm]].
  
 
===Software instances===
 
===Software instances===
Software instances that power core, hands-on training, and experiential systems and applications. This software tend to be titled in the "CNM/Opplet COTS-name" format. For example, CNM MediaWiki powers the CNM Wiki, Inplz Wiki, and Kryvi Wiki applications.
+
: Software instances that power core, hands-on training, and experiential systems and applications. This software tends to be titled in the "CNM/Opplet COTS-name" format.  
* [[CNM Page]]
+
* CNM core WordPress:
* [[Kryvi Page]]
+
* [[HOTCOE app|HOTCOE]] WordPress:
* [[Inplz Page]]
+
* [[Inplz app|Inplz]] WordPress:
 +
** [[iDosvid.com]]
 +
** [[CNM Page]]
 +
** [[Bskol.com]]
 +
** [[WorldOpp.com]]
 +
** https://vebka.theeconomicgroup.com
 +
** https://vsemka.com
 +
** https://scheje.com
 +
** https://theeconomicgroup.com
 +
** https://worldopp.com
 +
** https://educaship.com
 +
** https://page.cnmcyber.com
 +
** https://wordpress.bskol.com
 +
** https://page.employableu.com
  
 
===Security===
 
===Security===
: For security, we use Fail2ban because it operates by monitoring log files (e.g. /var/log/auth.log, /var/log/apache/access.log, etc.) for selected entries and running scripts based on them. Most commonly this is used to block selected IP addresses that may belong to hosts that are trying to breach the system's security. It can ban any host IP address that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator. Includes support for both IPv4 and IPv6.
+
:Security is an important topic because any software becomes a target for hackers. WordPress is the most popular [[CMS]] and also has open source code, which is why sites built on WordPress, more often produce a variety of attacks, which include a number of '''ways to gain unauthorized access to the files''' of WordPress:
 +
# One of the ways we've noticed on our [[Educaship WordPress]] is through hackers in the form of bots that come into the chat room.  
 +
# The other way is when hackers know that there is an admin and there is a certain directory structure and they try to come in as an admin and infiltrate some program of their own. So the use of standard addresses and paths makes it easier for hackers. They also target plugins as the most vulnerable point.
 +
 
 +
:As hackers gain experience in finding new ways to exploit vulnerabilities, so WordPress developers and experts are getting better at creating sites that are harder to hack. Not wanting the security of our sites to be circumvented and hackers to gain access to data we follow a '''list of must-have requirements''', we:
 +
:* restrict access to the wp-config, ht-access files in the database so that they cannot be edited;
 +
:* are constantly updating plugins because the biggest security hole in WordPress is plugins and themes;
 +
:* have as few themes as possible, 2 at most;
 +
:* only install themes and plugins from reliable sources;
 +
:* change the prefix in the database;
 +
:* do not use the standard login - admin;
 +
:* do not use the standard user;
 +
:* disable user registration directly on our site.
 +
:But we still had problems:
 +
#The first problem was with bots, but that was before we switched the registration to [[Opplet]]. And we have banned unregistered users from posting comments now.
 +
: Other things that are used for security are described at [[Educaship WordPress#Standing operating procedures|SOP]].
  
 
====Malware protection====
 
====Malware protection====
Previously, [[CNM Cloud]] developers struggled with the viruses, so an effective anti-virus strategy must be found -- what was the solution?
+
: Previously, [[Opplet]] developers struggled with the viruses, so an effective anti-virus strategy must be found -- what was the solution? The cause of the viruses was not found. There is an assumption that the viruses were not on [[Educaship WordPress]] but on the [[CNM Campus Farm]]. The problem with viruses was solved after switching to a new system.
  
 
==Standing operating procedures==
 
==Standing operating procedures==
 
: [[Standing operating procedure]]
 
: [[Standing operating procedure]]
 +
 +
===Monitoring process===
 +
: Monitoring is done in [[Nagios]] Snapshots are made by hand, not on [[Educaship WordPress]]. Read more: [[Educaship Nagios]].
 +
 +
===Backup===
 +
:Usually the main backup is done on the farm, not on [[Educaship WordPress]]. So you can read more about backup on [[CNM Campus Farm]].
 +
:To backup a WordPress site for free, you will first need to install the UpdraftPlus plugin. To do so, open your WordPress dashboard, and select Plugins > Add Plugins from the menu bar:
 +
: [[File:Plug.png]]
 +
* Then type UpdraftPlus into the Search Bar. Select the UpdraftPlus WordPress Backup Plugin and click Install Now > Activate.
 +
* To set up UpdraftPlus, select Settings > UpdraftPlus Backups from your WordPress menu.
 +
* This will open the UpdraftPlus Backup/Restore page, where you can customize the UpdraftPlus settings to suit your backup needs. Let’s take a look at what you can do…
 +
 +
====Backup manually====
 +
* In the main dashboard, UpdraftPlus lets you manually backup your WordPress website at any time. To do so, simply click on the Backup Now button.
 +
* You can either download the manual backup to your local server or have UpdraftPlus automatically upload it to a remote storage location.
 +
 +
====Configure scheduled backups====
 +
: To save yourself the trouble of remembering to manually backup, UpdraftPlus lets you create your own automatic backup schedule. To set up regularly scheduled WordPress backups, select the Settings tab on the UpdraftPlus Backup/Restore page.
 +
[[File:Backup.png|frameless|700px|right]]
 +
: Here you can choose how often to backup your database and files. Options include:
 +
*Every 4, 8 or 12 hours;
 +
*Daily;
 +
*Weekly, fortnightly, or monthly.
 +
:Your selection will depend on how often you update your site.
 +
 +
===Snapshot===
 +
: We take snapshots of the entire database it's made by hand. Separately, [[Educaship WordPress]] snapshots are not taken. More about snapshots: [[Educaship MariaDB]], [[Educaship Nagios]].
 +
 +
===Versions and patch===
 +
[[File:Updates.png|150px|right]]
 +
: Each minor update fixes bugs, crashes or security vulnerabilities found in the previous version. While most updates contain security improvements, many updates are performance-oriented, which may be more subtle.
 +
: It's not hard to update the version of WordPress, you should:
 +
* open your WordPress dashboard;
 +
* click the Updates on the left sidebar. Here you see will the current version and the option to update it.
 +
:Before updating, please back up your database and files. For help with updates, visit the Updating WordPress documentation page.
 +
:After updating the version you should check the plugins as they may not work correctly after the update.
 +
 +
===Plugins===
 +
[[File:Plugins.png|700px|right]]
 +
* You should check each plugins after the updated version of CNM WordPress;
 +
* You can set up auto-updates;
 +
 +
====Active Directory Integration for Intranet Sites==== 
 +
:After installing or updating the plugin, you need to check whether the registration passes or not.
 +
 +
===System recovery===
 +
:If restoring a site with a pre-existing UpdraftPlus installation, go to Settings->UpdraftPlus Backups and click the ‘Restore’ button. This will open the ‘Existing Backups’ tab. There you will see a record of your backup. In the Existing Backups tab click the ‘Restore’ button for the backup set that you want to restore (under the ‘Actions’ column). A pop-up will appear with a list of options to restore:
 +
:[[File:restore.png|750px]]
  
 
==Hands-on assignments==
 
==Hands-on assignments==
Hands-on assignments that CNM learners can use to get accustomed to the software while using its hands-on training systems and applications.
+
: Hands-on assignments that CNM learners can use to get accustomed to the software while using its hands-on training systems and applications.
  
 
==Presentations==
 
==Presentations==
Presentations that present the software to its new users in multimedia, video, just audio, and/or just graphic formats.
+
: CNM WordPress was presented at a series of events called [[CNMCyber Guided Tours]]:
 +
* [[Guided Tour of CNM WordPress of 2023-3-15]]
 +
* [[Guided Tour of CNM WordPress 2023-3-22]]
  
 
==User group==
 
==User group==
User group at CNM Social; the group may organize software-related events and produce newsletters.
+
: User group at CNM Social; the group may organize software-related events and produce newsletters.
 +
 
 +
: [[Educaship WordPress]] (hereinafter, the ''App'') is the [[CNM app]] that is configured to power [[CNM Page]], [[PageHandsOn]], or [[PageNext]] [[CNMCyber service|service]] of [[CNMCyber]]. The ''App'' is based on [[commercial off-the-shelf]] ([[COTS]]) [[content management software]] ([[content management software|CMS]]), [[WordPress]]. The ''App'' is a part of [[Opplet]].
 +
 
 +
==Architecture==
 +
: The ''App'' is an instance of [[WordPress]] that is run on the [[CNM Farms]].
 +
 
 +
==Technical requirements==
 +
: To run WordPress is recommended your host supports:
 +
#PHP version 7.4 or greater;
 +
#MySQL version 5.7 or greater OR MariaDB version 10.3 or greater;
 +
#Nginx or Apache with mod_rewrite module;
 +
#HTTPS support.
 +
: Hosting is more secure when WordPress is run using your account’s username instead of the server’s default shared username. Ask your host what steps they take to ensure the security of your account.
 +
 
 +
==Instances==
 +
* https://vsemka.com/
 +
* https://vebka.theeconomicgroup.com/
 +
* https://theeconomicgroup.com/
 +
* https://worldopp.com/
 +
* https://scheje.com/
 +
 
 +
==See also==
 +
 
 +
===Related lectures===
 +
:*[[What CNM Page Be]].
  
 
==Related lectios==
 
==Related lectios==
 
Lectios that provide CNM learners with knowledge about the deployed software.
 
Lectios that provide CNM learners with knowledge about the deployed software.
[[Category:CNM COTS products]]
+
 
 +
[[Category: CNM Cyber Orientation]][[Category: Articles]][[Category:CNM COTS products]]
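Review bot: In the Security section, the removed Fail2ban paragraph (log monitoring and banning of IP addresses that make too many login attempts) has no counterpart in the added text, so the page no longer records whether failed logins are blocked at all. If Fail2ban is still deployed, keep a one-line statement of it next to the new requirement list; if it was retired, say what replaced it. In the same section the added item "restrict access to the wp-config, ht-access files in the database" mixes files with the database and should name where the files live, and the Malware protection line still carries the open question "what was the solution?" in front of its own answer.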

Latest revision as of 06:21, 15 April 2024

Educaship WordPress (formerly known as CNM Pageware; hereinafter, the Soft) is a CNM stable app built with WordPress.

Development of the Soft occurs under the WordPress for CNM Cloud project.


Product specification

The product specifications are:

Database system

It deploys MariaDB as its database management system. MariaDB maintains full compatibility with MySQL, retaining the same APIs, commands, and replacements. MariaDB has several optimizations that improve performance over MySQL, and it often gives slightly better results due to its superior engine and efficient SQL query optimizer. Because no code or configuration changes are needed during the transition, MariaDB acts as a replacement for MySQL. MariaDB implements high availability and scalability based on the Galera Cluster solution from the Finnish provider Codership.
MariaDB has become a standalone database management system through continuous development and has gained a significant advantage over MySQL, which WordPress usually uses as its database management system.
The databases are connected on the Admin Terminal. You can learn more about the databases at Educaship MariaDB and Educaship PostgreSQL. You can manage and configure the WordPress data not only through the database system but also through the database files, which are also located in the Admin Terminal.
Databases cannot be administered by an Educaship WordPress administrator. They must be administered by a system administrator who has access to the CNM Campus Farm. The Educaship WordPress administrator only administers the content on websites.

Hosting

The server for Educaship WordPress websites is hosted by Contabo. We don't use a separate server for Educaship WordPress; it runs on the same server as all the other applications on CNM Campus Farm.

Software instances

Software instances that power core, hands-on training, and experiential systems and applications. This software tends to be titled in the "CNM/Opplet COTS-name" format.

Security

Security is an important topic because any software becomes a target for hackers. WordPress is the most popular CMS and is open source, which is why sites built on WordPress more often attract a variety of attacks, including a number of ways to gain unauthorized access to the files of WordPress:
  1. One of the ways we've noticed on our Educaship WordPress is hackers in the form of bots that come into the chat room.
  2. The other way is when hackers know that there is an admin and a certain directory structure, and they try to come in as an admin and introduce some program of their own. The use of standard addresses and paths therefore makes it easier for hackers. They also target plugins as the most vulnerable point.
As hackers gain experience in finding new ways to exploit vulnerabilities, WordPress developers and experts are getting better at creating sites that are harder to hack. Because we do not want the security of our sites to be circumvented or hackers to gain access to data, we follow a list of must-have requirements. We:
  • restrict access to the wp-config.php and .htaccess files in the database so that they cannot be edited;
  • constantly update plugins, because the biggest security hole in WordPress is plugins and themes;
  • have as few themes as possible, 2 at most;
  • only install themes and plugins from reliable sources;
  • change the prefix in the database;
  • do not use the standard login, admin;
  • do not use the standard user;
  • disable user registration directly on our site.
But we still had problems:
  1. The first problem was with bots, but that was before we switched the registration to Opplet. We have also now banned unregistered users from posting comments.
Other security measures are described in the SOP.
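
Several items in the requirement list above can be checked mechanically. The following Python audit is an added example, not part of the CNM Wiki page or the Educaship code base; the function names, the sample prefix edu7_ and the sample logins are illustrative, it assumes wp-config.php and .htaccess sit in the WordPress root with themes under wp-content/themes, and the two sample sites are constructed in temporary directories.

```python
import os
import re
import stat
import tempfile
from pathlib import Path

PREFIX_RE = re.compile(r"""^\s*\$table_prefix\s*=\s*['"]([^'"]*)['"]\s*;""", re.M)
MAX_THEMES = 2  # the page's limit: "2 at most"


def audit_wordpress(root, user_logins=(), users_can_register="0"):
    """Return findings for the tree at root; the last two arguments are
    values a system administrator exports from the database."""
    root, findings = Path(root), []
    # wp-config.php and .htaccess must not be editable by group or others.
    for name in ("wp-config.php", ".htaccess"):
        path = root / name
        if not path.is_file():
            findings.append(f"{name}: missing")
        elif stat.S_IMODE(path.stat().st_mode) & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(f"{name}: writable by group or others")
    # The table prefix must differ from the WordPress default "wp_".
    config = root / "wp-config.php"
    if config.is_file():
        match = PREFIX_RE.search(config.read_text(errors="replace"))
        if match is None:
            findings.append("wp-config.php: $table_prefix not found")
        elif match.group(1) == "wp_":
            findings.append("wp-config.php: default table prefix wp_")
    # No more than MAX_THEMES theme directories.
    themes_dir = root / "wp-content" / "themes"
    themes = [p for p in themes_dir.iterdir() if p.is_dir()] if themes_dir.is_dir() else []
    if len(themes) > MAX_THEMES:
        findings.append(f"themes: {len(themes)} installed, limit {MAX_THEMES}")
    # Standard login and open registration.
    if any(login.lower() == "admin" for login in user_logins):
        findings.append("users: standard login admin exists")
    if str(users_can_register) == "1":
        findings.append("options: users_can_register enabled")
    return findings


def build_sample_site(base, prefix, mode, themes):
    """Write a constructed WordPress-like tree (sample data, not a real site)."""
    base = Path(base)
    (base / "wp-config.php").write_text(f"<?php\n$table_prefix = '{prefix}';\n")
    (base / ".htaccess").write_text("# constructed sample\n")
    for name in ("wp-config.php", ".htaccess"):
        os.chmod(base / name, mode)
    for theme in themes:
        (base / "wp-content" / "themes" / theme).mkdir(parents=True)
    return base


def demo():
    """Audit one weak and one hardened constructed site."""
    with tempfile.TemporaryDirectory() as weak, tempfile.TemporaryDirectory() as hard:
        build_sample_site(weak, "wp_", 0o666, ["a", "b", "c"])
        build_sample_site(hard, "edu7_", 0o440, ["a"])
        return (audit_wordpress(weak, ["admin", "editor1"], "1"),
                audit_wordpress(hard, ["site-editor"], "0"))


if __name__ == "__main__":
    for site in demo():
        print(site or "no findings")
```

The plugin-source and plugin-update requirements are not covered here, because they depend on information outside the file tree.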

Malware protection

Previously, Opplet developers struggled with viruses, so an effective anti-virus strategy had to be found. The cause of the viruses was not found. There is an assumption that the viruses were not on Educaship WordPress but on the CNM Campus Farm. The problem with viruses was solved after switching to a new system.

Standing operating procedures

Standing operating procedure

Monitoring process

Monitoring is done in Nagios. Snapshots are made by hand, not on Educaship WordPress. Read more: Educaship Nagios.

Backup

Usually the main backup is done on the farm, not on Educaship WordPress, so you can read more about backups at CNM Campus Farm.
To back up a WordPress site for free, you will first need to install the UpdraftPlus plugin. To do so, open your WordPress dashboard and select Plugins > Add Plugins from the menu bar.
  • Then type UpdraftPlus into the Search Bar. Select the UpdraftPlus WordPress Backup Plugin and click Install Now > Activate.
  • To set up UpdraftPlus, select Settings > UpdraftPlus Backups from your WordPress menu.
  • This will open the UpdraftPlus Backup/Restore page, where you can customize the UpdraftPlus settings to suit your backup needs. Let’s take a look at what you can do…

Backup manually

  • In the main dashboard, UpdraftPlus lets you manually back up your WordPress website at any time. To do so, simply click on the Backup Now button.
  • You can either download the manual backup to your local server or have UpdraftPlus automatically upload it to a remote storage location.

Configure scheduled backups

To save yourself the trouble of remembering to back up manually, UpdraftPlus lets you create your own automatic backup schedule. To set up regularly scheduled WordPress backups, select the Settings tab on the UpdraftPlus Backup/Restore page.
Here you can choose how often to back up your database and files. Options include:
  • Every 4, 8 or 12 hours;
  • Daily;
  • Weekly, fortnightly, or monthly.
Your selection will depend on how often you update your site.

Snapshot

We take snapshots of the entire database; they are made by hand. Separate Educaship WordPress snapshots are not taken. More about snapshots: Educaship MariaDB, Educaship Nagios.

Versions and patch

Each minor update fixes bugs, crashes or security vulnerabilities found in the previous version. While most updates contain security improvements, many updates are performance-oriented, which may be more subtle.
It is not hard to update the version of WordPress. You should:
  • open your WordPress dashboard;
  • click Updates in the left sidebar. Here you will see the current version and the option to update it.
Before updating, please back up your database and files. For help with updates, visit the Updating WordPress documentation page.
After updating the version, you should check the plugins, as they may not work correctly after the update.

Plugins

  • You should check each plugin after updating the version of CNM WordPress;
  • You can set up auto-updates.

Active Directory Integration for Intranet Sites

After installing or updating the plugin, you need to check whether the registration passes or not.

System recovery

If restoring a site with a pre-existing UpdraftPlus installation, go to Settings > UpdraftPlus Backups and click the ‘Restore’ button. This will open the ‘Existing Backups’ tab, where you will see a record of your backup. In the Existing Backups tab, click the ‘Restore’ button for the backup set that you want to restore (under the ‘Actions’ column). A pop-up will appear with a list of options to restore.

Hands-on assignments

Hands-on assignments that CNM learners can use to get accustomed to the software while using its hands-on training systems and applications.

Presentations

CNM WordPress was presented at a series of events called CNMCyber Guided Tours:

User group

User group at CNM Social; the group may organize software-related events and produce newsletters.
Educaship WordPress (hereinafter, the App) is the CNM app that is configured to power CNM Page, PageHandsOn, or PageNext service of CNMCyber. The App is based on commercial off-the-shelf (COTS) content management software (CMS), WordPress. The App is a part of Opplet.

Architecture

The App is an instance of WordPress that is run on the CNM Farms.

Technical requirements

To run WordPress, it is recommended that your host supports:
  1. PHP version 7.4 or greater;
  2. MySQL version 5.7 or greater OR MariaDB version 10.3 or greater;
  3. Nginx or Apache with mod_rewrite module;
  4. HTTPS support.
Hosting is more secure when WordPress is run using your account’s username instead of the server’s default shared username. Ask your host what steps they take to ensure the security of your account.

Instances

See also

Related lectures

Related lectios

Lectios that provide CNM learners with knowledge about the deployed software.