Business Development

Process driven.

Results driven.

Roots (Trellis) Security

Last updated By
    \

  1. Use letsencrypt (or another non-blacklisted SSL cert)
  2. \

  3. Enable 2-factor authentication on all payment gateways
  4. \

  5. Keep regular DB backups
  6. \

  7. Monitor your website (updown.io)
  8. \

  9. Keep WordPress up to date
  10. \

  11. Keep Trellis up to date
  12. \

  13. Keep WooCommerce (and extensions) up to date
  14. \

  15. Keep all plugins up to date
  16. \

\
 \
\
Setting Up Ansible Vault\
\
 \

    \

  1. Create .vault_pass file in Trellis and insert highly secure password
  2. \

  3. Set chmod permissions to 600, run:\’a0chmod 600 .vault_pass
  4. \

  5. Make certain\’a0.vault_pass is ignored in .git-ignored
  6. \

  7. Add password file path to ansible.cfg (like so)
  8. \

  9. Set new strong passwords in all/dev/staging/production vault.yml:\
      \

    1. group_vars/all/vault.yml
    2. \

    3. group_vars/[env]/vault.yml\
        \

      1. vault_mysql_root_password: [env]pw
      2. \

      3. vault_users: – password: example_password
      4. \

      5. db_password: example_dbpassword
      6. \

      \

    4. \

    \

  10. \

  11. Run to encrypt all environments:\’a0ansible-vault encrypt group_vars/all/vault.yml group_vars/development/vault.yml group_vars/staging/vault.yml group_vars/production/vault.yml
  12. \

  13. *After you have provisioned and deployed, double check to make sure salts were generated, run:\’a0ansible-vault view\'a0group_vars/[env]/vault.yml
  14. \

Leave a Reply

Your email address will not be published. Required fields are marked *