OPNsense Forum

English Forums => General Discussion => Topic started by: FullyBorked on March 28, 2022, 07:47:08 pm

Title: Information on enhancing security of wordpress server
Post by: FullyBorked on March 28, 2022, 07:47:08 pm

I'm in the processes of spooling up a Wordpress server.  The server is properly segmented in a DMZ.  In the past I would simple NAT port 80 and 443 to my server and follow best practice for securing that server.  This is how I've done things for years.  I think this is an acceptable methodology still.  However, I'd like to see what other things I might do to mitigate threats.  I already have IPS setup.  I thought about using a reverse proxy, and even setting up a WAF, but the instructions in the OPNsense guide only seem to be an overview not a guide.  With my lack of experience with setting up a WAF and/or reverse proxy I'm struggling to fully grasp what I need to do or if this is even the best path to take. 

Looking for some information on guides or just general ideology to better secure this implementation from external threats.  Maybe following KISS methodology and just using NAT is still the best way.