
WordPress Security

Pagely: Secure WordPress Hosting

58,701,915 WordPress sites in the wild. Due to its popularity, WordPress presents a large target.

Two primary types of malware attacks aimed at WordPress

Injections
Your website code is injected with advertisements or links to another site, typically adult or pharmacy sites. This code is usually hidden from normal display and only seen by search engines, resulting in SEO poison for your site. Drive-by downloads like fake virus-scanning tool adverts and iframes are also prevalent in this type of attack.

Back doors
The successful attack places a shell script or back door on your server, allowing the attacker to access your site and run commands without needing to log in. Typically used to spread an infection to other sites on the server, gain remote control of the system, send mass spam email, or cause other mayhem.

How do they get in? Three common attack vectors.

Environment
The system/server your website resides on may be configured incorrectly and not follow best practices for limiting access, client separation, or blocking nefarious requests.

Administration
The attacker has no need to 'hack' in, as they have guessed or obtained your login and password. Attackers may log in via FTP to place files, or log in to your WordPress account to alter your setup as desired. Hackers love free WiFi.

Vulnerabilities
Outdated versions of PHP, WordPress, themes or plugins may be vulnerable to certain types of attacks: Cross Site Scripting (XSS), MySQL Injection (SQLI), Cross Site Request Forgery (CSRF).

Impersonal
The overwhelmingly vast majority of all attacks are automated. It's hard not to, but don't take it personally.

Automated XSS (Cross Site Scripting) attacks jumped 69% in 3 months (Q2 2012 to Q3 2012).

50% of all URLs scanned by Sucuri's SiteCheck service have malware or general security issues.

3,844,879 attacks blocked by the page.ly firewalls over a 15 day period:
- 88% HTTP Signature Violation
- 8% Custom Rule Violations (our WordPress-specific rule set)
- 2% Unknown Request Method
- 2% XSS, CSRF, SQLI, Other

So you got hacked. Now what? STAY CALM.
- Alert your host. They should take care of this for you; if they don't, find a new host.
- Replace all core WordPress files.
- Start at all index.php files and move inward, inspecting each theme/plugin file for code that looks out of place.
- Hire a malware remediation service to help.
- Restore from your backup.

Nothing is 100% hack-proof, but you can make it more difficult.

Prevention
Who you host with matters. If your site and time are worth more than $5 to you, consider spending more than that to host it. Not every site needs an enterprise-grade security appliance in front of it, but every site owner should want that level of protection.
Take the time to learn the basics. There is a plethora of public information available to help lock down your site against common exploits. Least-privileged users, system configuration, ModSecurity: all are worth noting.
Firewalls are your best friend. One of the most effective ways of preventing an attack from pwning your site is stopping the attack from ever reaching your site. If your host does not run a legitimate firewall, look at services like CloudFlare or Incapsula.

Detection
Services exist to scan for damage and even clean up the mess. Sucuri, VaultPress and others were created specifically for this reason. Run your own servers? Look at applications like Maldetect and Savscan to sweep your file system for known malware signatures.

password123 is not a legitimate password
Try a pass-phrase: research has shown a 3-word phrase to be easy to remember and very hard to crack. Ex: the blue bird. Use a password manager application like 1Password or LastPass.

Worth Every Penny: BACKUP ALL THE THINGS
The easiest and fastest way to recover from getting hacked is to restore from a clean backup. You should be backing up your files and database every night and keeping copies off site. That may not always be feasible, but for all that is right in the world, if you value your work you should back it up.

Is WordPress secure? Absolutely. Then why do WordPress sites get hacked?
Proportion of sites + legacy hosts + vulnerable 3rd-party code.

Thank the Core Team: WordPress itself has not had a major security issue in many years.

The Zone of Despair (Press that Update Button): Plugins and themes are contributed by the public; some are not coded to best practices and many are efforts of beginning/novice developers.

Proportion of sites: The number of sites running WordPress is huge in proportion to sites running similar applications. Therefore it gives the false appearance of greater vulnerability.

Shop Around: Legacy hosting companies are slow to adapt to the increasing severity of attacks, leaving their customers and systems vulnerable regardless of what application powers the website.

Pagely is Secure WordPress Hosting. Think of it like The Ritz Carlton meets Fort Knox. We secure and manage WordPress for thousands of customers and big brands you know and trust.
Sucuri: Malware detection, alerting, and cleanup for all manner of websites.

Resources
Some data provided by page.ly and Sucuri.
Designed & Published by Page.ly, https://page.ly, December 2012. cc SOME RIGHTS RESERVED.
http://sucuri.net
http://firehost.com
http://wordpress.com/stats
http://glyphicons.com
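As an added example (not part of the infographic or Pagely's tooling), a small Python scanner for the "start at index.php and inspect each theme/plugin file for code that looks out of place" step, covering both the hidden spam-link injections and the obfuscated back doors described above. The indicator patterns and the sample site tree are constructed for illustration; a real sweep would use a maintained signature set such as the Maldetect or Savscan databases mentioned above.

```python
import re
import tempfile
from pathlib import Path

# Indicators typical of injected spam links and PHP back doors. Constructed
# for this example; a real scanner would use a maintained signature set.
INDICATORS = {
    "obfuscated_eval": re.compile(
        r"eval\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I),
    "request_to_exec": re.compile(
        r"\b(shell_exec|passthru|system|exec)\s*\(\s*\$_(GET|POST|REQUEST)\b", re.I),
    "hidden_links": re.compile(
        r"<div[^>]*display\s*:\s*none[^>]*>.*?<a\s+href", re.I | re.S),
    "long_encoded_blob": re.compile(r"[A-Za-z0-9+/]{200,}={0,2}"),
}
SCANNED_SUFFIXES = {".php", ".html", ".htm", ".js"}

def scan_file(path):
    """Return the names of every indicator that matches the file's contents."""
    text = Path(path).read_text(errors="replace")
    return sorted(name for name, rx in INDICATORS.items() if rx.search(text))

def scan_tree(root):
    """Walk an install; map relative path -> indicators for each flagged file.
    index.php files are visited first, as the infographic's checklist suggests."""
    root = Path(root)
    files = (p for p in root.rglob("*") if p.is_file() and p.suffix.lower() in SCANNED_SUFFIXES)
    findings = {}
    for p in sorted(files, key=lambda p: (p.name != "index.php", str(p))):
        hits = scan_file(p)
        if hits:
            findings[str(p.relative_to(root))] = hits
    return findings

def build_sample_site():
    """Constructed sample tree: one clean file, one SEO-spam injection, one back door."""
    root = Path(tempfile.mkdtemp(prefix="wp-sample-"))
    (root / "wp-content/themes/demo").mkdir(parents=True)
    (root / "wp-content/uploads").mkdir(parents=True)
    (root / "index.php").write_text("<?php require __DIR__ . '/wp-blog-header.php';\n")
    (root / "wp-content/themes/demo/footer.php").write_text(
        "</main>\n<div style=\"display:none\"><a href=\"http://example.invalid/pills\">cheap pills</a></div>\n")
    (root / "wp-content/uploads/cache.php").write_text(
        "<?php eval(base64_decode('ZWNobyAnaGknOw==')); ?>\n")  # decodes to: echo 'hi';
    return root

if __name__ == "__main__":
    for path, hits in scan_tree(build_sample_site()).items():
        print(f"{path}: {', '.join(hits)}")
```

Flagged files are candidates for manual review, not proof of compromise; compare any suspect core file against a fresh copy of the same WordPress version before replacing it.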

Shared by strebel on Dec 10.
Common malware attacks aimed at WordPress and the attack vectors used to exploit WordPress.

Category: Computers