Security and reliability are first-class priorities for this lab.
Current controls
- WordPress login/admin path stabilized behind HTTPS
- XML-RPC disabled
- Public user enumeration reduced
- Sensitive file access blocked in Nginx
- Hardened response headers and cache policy
- Service-level separation through containers
Operational rhythm
- Update and reboot windows on homelabs
- Container health checks and monitoring
- Progressive content + UI improvements each sprint
The goal is practical hardening: strong defaults without breaking workflow.