our marketing droids would like a blog on our domain. I checked out several, and while MovableType seems to have the least vulnerabilities, Wordpress has won the race.
I am very sceptical of installing a software tool which is exploited this often on our main servers. However the powers that be want the url of the blog to be www.domain.com/blog/ instead of blog.domain.com (which would of course allow me to run the blog on a cheap VPS somewhere).
I can always install Wordpress, run through the hardening and hope for the best. Or does anyone have an idea how I can run the blog in a subdirectory while keeping it separate, without impacting the functionality? I was playing around with proxying in a htaccess etc. without results. We are running LAMP and have a BIG IP load balancer in front, if that helps...
I am scared of attackers reaching our database through Wordpress (despite me using typical precautions like different usernames).
Any ideas?
Depends on the environment, and this assumes you run Linux and Apache, probably some LAMP solution if it is common of what I hear about.
Your explanation makes it sound like you know what you are doing, but have you considered a chroot/jail/whatever you want to call it in your OS of choice jargon? Of course, properly feeding everything into the chroot environment is a different animal, and that is where rubber meets the road for you. Since you are talking production environment, it could be a problem for performance and stability I suppose (then again, I see lots of docs insisting lower-level production services like BIND DNS run in chroot, so I doubt it is that bad; I mean in the sense of running another chroot-ed Apache instance alongside your other one). You might want to start here for an explanation of chroot for Apache. I assume if you can do that and MySQL, you are set.
However, all this seems like overkill. You said htaccess, so it definitely sounds like Apache to me. You have load balancers. In my mind, it sounds much easier to "have your cake and eat it too." I mean, just re-write the urls with your conf files of Apache (which takes only a little skill and testing) or get the load balancer to do it (I don't have one, but some co-workers have an F5 and they say it can do this thing at a low level, which is fun). Either way, take your pick, the first paragraph directly addresses your question. Happy hunting.
Provided you stay on top of updates and don't install any weird plugins WordPress is relatively secure. It is also relatively isolated .. the worst someone who hacks WP will do is deface the blog.
Three thoughts ...
1- Put your foot down about the WordPress requiring a separate sub-domain. Despite WP being relatively secure, keeping it isolated will keep your life simple down the road.
2- Implement nginx in front of the load balancer, and have it proxy the
\blogrequests toblog.. This is a good long term topology.3- Can the load balancer be configured to proxy/rewrite? If you specify the load balancer you might get some help there.