WordPress Security

•Télécharger en tant que PPTX, PDF•

0 j'aime•295 vues

This document discusses WordPress security and how to prevent and recover from hacking attempts. It explains common reasons sites get hacked like for fun, profit or search engine optimization. It provides tips to check if a site has been hacked by looking for browser warnings, suspicious files or code. If hacked, it recommends recovering from backup, using a security service, changing passwords and keys, updating software and disabling file editors. It also stresses the importance of regular backups that include the database and files and are stored offsite.

Services

WordPress
Security
AKSHAT CHOUDHARY
FOUNDER, BLOGVAULT

Why will some
one hack a Site?
FUN AND PROFIT

money
SEO
Affiliate Scam
Redirect to a different site
Political defacement
Use host for hacks

Inspect Files
htaccess
Javascript Files
Unknown PHP files
Existing PHP files

Recover from
Backup
MOST RELIABLE METHOD

Talk to an expert
DIFFICULT JOB. DON'T TAKE LIGHTLY.

Change
Authentication
keys
REMOVES EXISTING SESSIONS.

Change Database
Prefix
PREVENT SQL INJECTION ATTACKS

Disable File Editor
DEFINE('DISALLOW_FILE_EDIT', TRUE);

Prevent File
Execution
ADDHANDLER CGI-SCRIPT .PHP .PL .PY .JSP .ASP
.HTM .SHTML .SH .CGI

Keys
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');

Security by
Obscurity
REMOVE ADMIN USER / HIDE WORDPRESS VERSION / ...

What makes a good backup solution?
Complete - Database + Files
Offsite - Local backup is as good as none
Regular Backup
History of backup
Test the Restore
Secure Backup

blogVAULT
Thank you
http://blogvault.net
We are Hiring!

Contenu connexe

Tendances

WordPress End-User SecurityDre Armeda

SavannahAndrea Rennick

WordPress and MultisiteAndrea Rennick

WordpressPriya Kumar

Curso crucigrama fotosintesisSegundo Basico

Blog World 2010 - How to Keep Your Blog from Being HackedBrian Layman

Let’s write a pluginBrian Layman

Neo word press meetup ehermits - how to keep your blog from being hacked 2012Brian Layman

WordPress Tips and Tricks (DFW Meetup)Stephanie Leary

Domain mappingAndrea Rennick

Multisite meetup talk-2017-0710reedgustow

SoCal WordPress Meetup - iWeb to WordPress aka WP99Noel Saw

WordPress Security Basics - Melbourne WordPress User MeetupChris Burgess

Wcmtl top-10-multisiteAndrea Rennick

WordPress Security is like a HHAM SandwichRed8 Interactive

WordPress Security - Kulpreet Singhguest4fe370

Securing Your Joomla websiteMike Carson

WordPress developer 101Cindy Cullen

Wordpress plugin directoryJohn Smith

Jager planetaire nevelspaskar

Tendances (20)

WordPress End-User Security

Savannah

WordPress and Multisite

Wordpress

Curso crucigrama fotosintesis

Blog World 2010 - How to Keep Your Blog from Being Hacked

Let’s write a plugin

Neo word press meetup ehermits - how to keep your blog from being hacked 2012

WordPress Tips and Tricks (DFW Meetup)

Domain mapping

Multisite meetup talk-2017-0710

SoCal WordPress Meetup - iWeb to WordPress aka WP99

WordPress Security Basics - Melbourne WordPress User Meetup

Wcmtl top-10-multisite

WordPress Security is like a HHAM Sandwich

WordPress Security - Kulpreet Singh

Securing Your Joomla website

WordPress developer 101

Wordpress plugin directory

Jager planetaire nevels

En vedette

Villarreal u2 demoJAVillarreal22

Photo albumAhmed Mohd

Primero de Derechoariana_gq96

Historia universalgloryhist

Garcinia cambogia: nuovo estratto miracoloso per perdere peso velocemente. Tu...handsomeelation20

What to ASK before hire a real estate agentReal Estate Site

ما هو الباك لينك و أفضل الطرق للحصول عليهWesam Helmy

Dynamo North East skills update January 2015 final BPDynamo North East

Pharma Social Media Moving FowardsHavas Lynx Group

Big data ecosystemInternational Quality and Productivity Center (IQPC India)

從非洲看見台灣！Yau-ren Chang

Гетеборг. Презентация книги Dikter Genom Tiderna. power pointМГУ - Moscow State University

Epc 2jygwen

eng research reportjygwen

Science o net part 1Asah Chaithep

Garcinia Cambogia: il nuovo estratto miracolose per perdere peso velocemente....handsomeelation20

En vedette (16)

Villarreal u2 demo

Photo album

Primero de Derecho

Historia universal

Garcinia cambogia: nuovo estratto miracoloso per perdere peso velocemente. Tu...

What to ASK before hire a real estate agent

ما هو الباك لينك و أفضل الطرق للحصول عليه

Dynamo North East skills update January 2015 final BP

Pharma Social Media Moving Fowards

Big data ecosystem

從非洲看見台灣！

Гетеборг. Презентация книги Dikter Genom Tiderna. power point

Epc 2

eng research report

Science o net part 1

Garcinia Cambogia: il nuovo estratto miracolose per perdere peso velocemente....

Similaire à WordPress Security

WordPress securityakshat

WordCamp Mid-Atlantic WordPress SecurityBrad Williams

Wordpress Security & Hardening StepsPlasterdog Web Design

WordPress Security - WordCamp NYC 2009Brad Williams

WordPress Security - WordCamp Boston 2010Brad Williams

WordPress SecurityBrad Williams

PodCamp Ohio 2009Brian Lockrey

Secure All The Things!Dougal Campbell

WordPress Security Presentation from South Florida WordPress MeetupJohn Carcutt

Securing Your WordPress Website - WordCamp GC 2011Vlad Lasky

Securing Your WordPress Website by Vlad Laskywordcampgc

Now That's What I Call WordPress Security 2010Brad Williams

Higher Order WordPress SecurityDougal Campbell

Top Ten WordPress Security Tips for 2012Brad Williams

Website securityAkhilesh Kant

Security Risks In WordPress And Ways To Avoid Them | thoughtfulmindsThoughtful Minds Web Services Pvt. Ltd,

WordPress Security Christina Hawkins

How to Increase Security on your Wordpress WebsiteMeganGood12

Wordpress for Newbies 2010-03-27Shannon Smith

Securing Word Press BlogChetan Gole

Similaire à WordPress Security (20)

WordPress security

WordCamp Mid-Atlantic WordPress Security

Wordpress Security & Hardening Steps

WordPress Security - WordCamp NYC 2009

WordPress Security - WordCamp Boston 2010

WordPress Security

PodCamp Ohio 2009

Secure All The Things!

WordPress Security Presentation from South Florida WordPress Meetup

Securing Your WordPress Website - WordCamp GC 2011

Securing Your WordPress Website by Vlad Lasky

Now That's What I Call WordPress Security 2010

Higher Order WordPress Security

Top Ten WordPress Security Tips for 2012

Website security

Security Risks In WordPress And Ways To Avoid Them | thoughtfulminds

WordPress Security

How to Increase Security on your Wordpress Website

Wordpress for Newbies 2010-03-27

Securing Word Press Blog

Dernier

ULHASNAGAR CALL GIRL 7857803690 LOW PRICE ESCORT SERVICEayushi9330

Russian 8728932633 Call Girls Ludhiana No Advance cash Onlyrobindsuza9167

BHOPAL CALL GIRL 9262871154 HIGH PROFILE BHOPAL ESCORT SERVICENiteshKumar82226

❤️Amritsar Call Girl☎️9815674956☎️ Call Girl service in Amritsar☎️ Amritsar C...Sheetaleventcompany

Vip Call Girls Hyderabad Just Call 7091864438 Top Class Call Girl Service Ava...Monika Rani

Goa Escorts Service 9540619990 Call Girls in GoaGoa escorts Service 😋 Goa escort agency

VIDEO CALL SERVICE CALL GIRL LIVE SERVICE REAL GIRL LIVE VIDEO CALL SERVICE C...rajbaburaj201

Mysore❤CALL GIRL 9647466585 ❤CALL GIRLS IN Mysore ESCORT SERVICEshivam142808

👉 Amritsar Call Girls 👉📞 8725944379 👉📞 Just📲 Call Ruhi Call Girl Near Me Amri...Sheetaleventcompany

Udaipur Call Girls ☎ 9602870969✅ Just Genuine Call Girl in Udaipur Escort Ser...Apsara Of India

Motihari ❤CALL GIRL 7870993772 ❤CALL GIRLS ESCORT SERVICE In motihari ❤ Low ...Monika Rani

Call Now ☎8264348440|| Call Girls in Mehrauli Escort Service Delhi N.C.R..pdfsoniya singh

Call Girls In Karachi-->>03274048030<<--Meet Call Girls In Karachi for Unforg...Sana Rajpoot

💊💊 OBAT PENGGUGUR KANDUNGAN JAMBI 08776558899 ATAU CARA GUGURKAN JANIN KLINIK...Cara Menggugurkan Kandungan 087776558899

Udaipur Call Girls ☎ 9602870969✅ Best Genuine Call Girl in Udaipur Escort Ser...Apsara Of India

Call Girls Guwahati Just Call WhatsApp 7870993772 Top Class Call Girl Service...Monika Rani

Unnao 💋 Call Girl 97487*63073 Call Girls in unnao Escort service book nowapshanarani255

Call Girls Pune Call WhatsApp 7870993772 Top Class Call Girl Service Availab...Monika Rani

💚Call Girls Chandigarh 💯Riya 📲🔝8868886958🔝Call Girls In Chandigarh No💰Advance...Sheetaleventcompany

Call Girls in Lahore-->>03224951619<<--Cheap & Independent Lahore Call GirlsLaiba Pari

Dernier (20)

ULHASNAGAR CALL GIRL 7857803690 LOW PRICE ESCORT SERVICE

Russian 8728932633 Call Girls Ludhiana No Advance cash Only

BHOPAL CALL GIRL 9262871154 HIGH PROFILE BHOPAL ESCORT SERVICE

❤️Amritsar Call Girl☎️9815674956☎️ Call Girl service in Amritsar☎️ Amritsar C...

Vip Call Girls Hyderabad Just Call 7091864438 Top Class Call Girl Service Ava...

Goa Escorts Service 9540619990 Call Girls in Goa

VIDEO CALL SERVICE CALL GIRL LIVE SERVICE REAL GIRL LIVE VIDEO CALL SERVICE C...

Mysore❤CALL GIRL 9647466585 ❤CALL GIRLS IN Mysore ESCORT SERVICE

👉 Amritsar Call Girls 👉📞 8725944379 👉📞 Just📲 Call Ruhi Call Girl Near Me Amri...

Udaipur Call Girls ☎ 9602870969✅ Just Genuine Call Girl in Udaipur Escort Ser...

Motihari ❤CALL GIRL 7870993772 ❤CALL GIRLS ESCORT SERVICE In motihari ❤ Low ...

Call Now ☎8264348440|| Call Girls in Mehrauli Escort Service Delhi N.C.R..pdf

Call Girls In Karachi-->>03274048030<<--Meet Call Girls In Karachi for Unforg...

💊💊 OBAT PENGGUGUR KANDUNGAN JAMBI 08776558899 ATAU CARA GUGURKAN JANIN KLINIK...

Udaipur Call Girls ☎ 9602870969✅ Best Genuine Call Girl in Udaipur Escort Ser...

Call Girls Guwahati Just Call WhatsApp 7870993772 Top Class Call Girl Service...

Unnao 💋 Call Girl 97487*63073 Call Girls in unnao Escort service book now

Call Girls Pune Call WhatsApp 7870993772 Top Class Call Girl Service Availab...

💚Call Girls Chandigarh 💯Riya 📲🔝8868886958🔝Call Girls In Chandigarh No💰Advance...

Call Girls in Lahore-->>03224951619<<--Cheap & Independent Lahore Call Girls

WordPress Security

1. blogVAULT http://blogvault.net

2. WordPress Security AKSHAT CHOUDHARY FOUNDER, BLOGVAULT

3. Why? SITES GET HACKED!

4. Why will some one hack a Site? FUN AND PROFIT

5. they can

6. money SEO Affiliate Scam Redirect to a different site Political defacement Use host for hacks

7. How? VULNERABILITIES!

8. Where? WORDPRESS CORE PLUGINS THEMES

9. How do I know if I have been hacked?

10. Browser warning

11. Warning

12. Sucuri SiteCheck - Free Tool

13. Inspect Files htaccess Javascript Files Unknown PHP files Existing PHP files

14. What to do when my site gets hacked?

15. Recover from Backup MOST RELIABLE METHOD

16. Use Sucuri NOT FOOLPROOF, COSTS MONEY

17. Talk to an expert DIFFICULT JOB. DON'T TAKE LIGHTLY.

18. Change Password

19. Change Authentication keys REMOVES EXISTING SESSIONS.

20. Prevention is better than Cure

21. Update Wordpress / Plugins / Themes

22. Change Database Prefix PREVENT SQL INJECTION ATTACKS

23. Disable File Editor DEFINE('DISALLOW_FILE_EDIT', TRUE);

24. Make Folders / Files Readonly

25. Prevent File Execution ADDHANDLER CGI-SCRIPT .PHP .PL .PY .JSP .ASP .HTM .SHTML .SH .CGI

26. Use SSL / Google Authenticator

27. Keys define('AUTH_KEY', 'put your unique phrase here'); define('SECURE_AUTH_KEY', 'put your unique phrase here'); define('LOGGED_IN_KEY', 'put your unique phrase here'); define('NONCE_KEY', 'put your unique phrase here'); define('AUTH_SALT', 'put your unique phrase here'); define('SECURE_AUTH_SALT', 'put your unique phrase here'); define('LOGGED_IN_SALT', 'put your unique phrase here'); define('NONCE_SALT', 'put your unique phrase here');

28. Security by Obscurity REMOVE ADMIN USER / HIDE WORDPRESS VERSION / ...

29. Automatic Backups E.G. USE BLOGVAULT

30. What makes a good backup solution? Complete - Database + Files Offsite - Local backup is as good as none Regular Backup History of backup Test the Restore Secure Backup

31. blogVAULT Thank you http://blogvault.net We are Hiring!

WordPress Security

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

En vedette

En vedette (16)

Similaire à WordPress Security

Similaire à WordPress Security (20)

Dernier

Dernier (20)

WordPress Security