Regular Security Actions
Regular security maintenance is crucial for system safety and efficiency. This includes updating dependencies, removing unused packages, and keeping documentation current.
Implementation
Regular Maintenance
- Bi-weekly dependency checks (consider using Dependabot or Renovate).
- Some handy commands to check for vulnerabilities and outdated packages yourself:
  - npm audit or pnpm audit to check for vulnerabilities
  - npm outdated or pnpm outdated to check for outdated packages
  - npx npm-check-updates --interactive or pnpm up --recursive --interactive --latest to check for outdated packages and update them interactively
- If you see a vulnerability flagged during package installation, you should fix it.
- Use Dependabot for security updates
- Document findings and keep a shared maintenance log, when applicable.
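One way to turn an audit run into a maintenance log entry, as an added example that is not part of the original guide. It assumes the JSON report format of npm 7 or later (auditReportVersion 2); the function names, package names, project name and date are hypothetical.

```javascript
// Constructed sample of `npm audit --json` output (npm 7+ report format, trimmed);
// package names, ranges and counts are made up for illustration.
const SAMPLE_REPORT = JSON.stringify({
  auditReportVersion: 2,
  vulnerabilities: {
    "example-parser": { name: "example-parser", severity: "high", isDirect: true,
      range: "<2.1.4", fixAvailable: true },
    "example-glob": { name: "example-glob", severity: "moderate", isDirect: false,
      range: "<=1.0.2",
      fixAvailable: { name: "example-cli", version: "5.0.0", isSemVerMajor: true } },
    "example-yaml": { name: "example-yaml", severity: "low", isDirect: false,
      range: "<0.9.0", fixAvailable: false },
  },
  metadata: { vulnerabilities: { info: 0, low: 1, moderate: 1, high: 1, critical: 0, total: 3 } },
});
const SEVERITY_ORDER = ["critical", "high", "moderate", "low", "info"];

// Turn the fixAvailable field into the action a maintainer has to take.
function fixAction(fix) {
  if (fix === true) return "run npm audit fix";
  if (fix && typeof fix === "object") {
    return `update ${fix.name} to ${fix.version}` +
      (fix.isSemVerMajor ? " (major bump, test first)" : "");
  }
  return "no fix published, track upstream";
}

// Parse the report and return its findings sorted most severe first.
function summarizeAudit(reportJson) {
  const report = JSON.parse(reportJson);
  if (report.auditReportVersion !== 2) throw new Error("unsupported audit report format");
  const rank = (f) => SEVERITY_ORDER.indexOf(f.severity);
  const findings = Object.values(report.vulnerabilities || {})
    .map((v) => ({ name: v.name, severity: v.severity, range: v.range,
      kind: v.isDirect ? "direct" : "transitive", action: fixAction(v.fixAvailable) }))
    .sort((a, b) => rank(a) - rank(b) || a.name.localeCompare(b.name));
  return { counts: report.metadata.vulnerabilities, findings };
}

// Render one dated entry for the shared maintenance log.
function logEntry(date, project, { counts: c, findings }) {
  const head = `${date} ${project}: ${c.total} findings ` +
    `(critical ${c.critical}, high ${c.high}, moderate ${c.moderate}, low ${c.low})`;
  const rows = findings.map(
    (f) => `- [${f.severity}] ${f.name} ${f.range} (${f.kind}): ${f.action}`);
  return [head, ...rows].join("\n");
}

console.log(logEntry("2024-01-15", "example-site", summarizeAudit(SAMPLE_REPORT)));
```

npm audit exits non-zero when it finds vulnerabilities, so capture its output rather than treating that exit code as a failed run.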
Security Tools
Wordfence
- Install Wordfence plugin
- Enable real-time monitoring
- Set up email alerts to be sent to your project’s email alias
Uptime Monitoring
- Use an uptime monitoring tool for business critical services
- Axioned has a hosted uptime monitoring service called Uptime Kuma
- Some hosting platforms (like WP Engine) have uptime monitoring built in as well
See self-audit for more details on how to audit your own security.