Keeping identity secure from hacks
 

Hi,

I have one domain for which I plan a wordpress based porn site, mostly probably with embedded content and some ads maybe.

The thing is that it is probably going to annoy some nasty people, religious extremists of that type that were responsible for the attack on Charlie Hebdo in Paris. So its satire or rather porn satire at the expense of such extremists. No illegal stuff, but satire. It is possible that I'm way to cautious with this, but I want to be sure as I believe that this project has the potential to get quite some attention in the internet if done right.

So naturally I want to keep my identity private to not end up slaughtered by some lunatics that don't like satire and jokes. To achieve this I'm asking here for hints and tips regarding this issue.

So far I have an anonymous hosting account somewhere offshore and the domain is of course under private registration. The site will also feature common security plugins etc.

If my site gets hacked, it should not be possible to find out my identity or what do you think?

I appreciate every thought, idea and hint regarding this topic.

Thanks!

Sounds pretty intense whatever you are planning.

You have to understand that there is no such thing as 100% security on the internet. For example, depending on the provider it can be possible to get behind the private registration by using social engineering; pretending to be police, government etc.

Also, your site could get hacked without you noticing it, you'd login and get infected by a trojan. The guy can then watch everything you do on your computer and see how you log in to Facebook or do other real life stuff.

Or they install a script in your admin panel that will track your IP and then engage in social engineering with your ISP to find out your real data. "Police" requiring the data behind the IP etc.

Or they could use social engineering on you, making you click on a link that will track your IP or infect you and then the scenarios above happen.

There are hundreds of scenarios like this that my paranoid mind can create :P

It's all very unlikely but not impossible.

Thanks for the reply.

Yeah, it could be intense. I think funny and entertaining for most though, but not for certain people. Though it might be possible that after all it is not that bad, but I will probably see.

I've thought about the same things. There is no 100% security, but still many ways to gain a relatively high level of security. Of course it requires not only the website to be as secured as possible, but also my computer (which should be the case) and of course one has to be vigilante all the time.

Do you (or someone) else know some concrete cases or common threats especially regarding hacks on the site (which I personally think should be quite good to counter with certain plugins)?

Here is something to think before launching the site, what server software you are going to use and then secure the server. Those Wordpress plugins will not prevent direct attacks to the server.

This sounds crazy, but I'd even use another computer that is only used for logging in and working on your site. Preferably a Linux distribution, as those are harder to infect than Windows. I'd then use a anonymous VPN to access the site, to hide the real IP.

I also agree with Venum that the security of your server is extremely important. You can't rely on your hoster to set up everything correctly for you; even with managed hosting, the staff will do what's absolutely necessary but nothing more.

Something else that hasn't been talked about is the danger of DDoS attacks, so you might have your site finished and secured but no one will be able to access it.

Thanks for the hint, I've gotta re-check that one.

Yeah I thought about that, too. Probably better.


Webhoster claims to have an advanced ddos protection, but well...


Thanks for the hints guys!