Breaking WordPress

Post on 13-Sep-2014


A brief overview of WordPress and common security issues. Talks about hosting and common WordPress infection types, and features resources to help keep WordPress secure.


Breaking WordPress

#WHOISDAVIDYARDE

•AKA Batman

•Co-founder @ Sevenality

•Twitter: @dsmy

The Web is HUGE!!!

There are over 1.8 Billion active websites on the web.

• 43% of the top 1 million websites are hosted in the USA alone.

• 48% of the top 100 blogs/websites run on WordPress.

• 672 Exabytes - 672,000,000,000 Gigabytes (GB) of accessible data.

Today’s Challenges

•Administration

•Credentials

•End-users aka wildcards

•Education

•Core

•Themes*

•Plugins*

•End-users*

Today’s Problem*

Implications of a Hacked Site

•SEO rankings wrecked

•Loss of customer trust

•Visitors exposed to malware

•Hours of time wasted assessing & repairing damage

•Loss of sales/money

Types of Attacks

Opportunistic

•Web Trolls

•Ability for mass exposure

•Timthumb

Targeted

•Big Enterprises

•Wordpress.com

•Woothemes

•Usually worth the time and energy invested to compromise

•Done for bigger returns

Top 5 WordPress Infections

•Backdoors

•Difficult to detect via http

•Good time to start crying

•Pharma Attacks

•Owners usually detect

•Now shamefully selling viagra or some other drug

• Injections

•Think fake Anti-virus downloads

•Defacements

•You’re now supporting a rebel army

•Malicious Redirects

Know Your Environment

•What kind of security does your host use?

•What will they do if your site gets hacked?

•Will they fix it?

•Will they shut it down?

If server management isn’t your thing, use a managed solution.

Managed WP Hosting Providers

• WP Engine - http://wpengine.com/

• Flywheel - http://getflywheel.com/

• MediaTemple - http://mediatemple.net/

• GoDaddy - http://www.godaddy.com/

HELP!! Everything is broken and I’ve been blacklisted!!!

•Don’t panic.

•Detect

•Remove

•Protect

•Submit
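The deck notes that backdoors are difficult to detect via HTTP, which is why the "Detect" step has to look at the files on the server rather than at the rendered site. As an added example (not from the talk or any of the tools it lists), the script below does that in two ways: it compares every file against a SHA-256 baseline taken while the install was known-good, reporting modified, added and missing files, and it flags files that contain a few obfuscation idioms typical of the backdoor and injection infections listed above (an eval of a decoded blob, a hidden iframe, PHP sitting in the uploads directory). The directory layout, file contents and indicator names are all constructed for the demo; the talk does not prescribe these patterns.

```python
"""Added example: server-side detection of WordPress file tampering.
Everything here (paths, file contents, indicator names) is constructed
for the demonstration; it is not code from the talk or from WordPress."""
import hashlib
import os
import re
import tempfile

# Idioms that injected PHP/HTML commonly uses and legitimate theme or plugin
# code rarely needs.  A hit is a lead to inspect by hand, not proof of compromise.
INDICATORS = {
    "eval_of_decoded_blob": re.compile(
        rb"eval\s*\(\s*(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\("),
    "hidden_iframe": re.compile(
        rb"<iframe[^>]*(?:display\s*:\s*none|visibility\s*:\s*hidden)", re.I),
}


def iter_files(root):
    """Yield (relative POSIX path, absolute path) for every file under root."""
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            yield os.path.relpath(full, root).replace(os.sep, "/"), full


def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root):
    """Snapshot {relpath: sha256} while the install is known-good."""
    return {rel: sha256_of(full) for rel, full in iter_files(root)}


def check_integrity(root, baseline):
    """Compare the live tree against the baseline; sorted lists for stable output."""
    current = build_baseline(root)
    return {
        "modified": sorted(p for p in baseline if p in current and current[p] != baseline[p]),
        "added": sorted(p for p in current if p not in baseline),
        "missing": sorted(p for p in baseline if p not in current),
    }


def scan_for_indicators(root, extensions=(".php", ".html", ".js")):
    """Return {relpath: [indicator names]} for files that trip any rule."""
    hits = {}
    for rel, full in iter_files(root):
        found = []
        # Uploads should hold media only; executable PHP there is a classic dropped backdoor.
        if rel.startswith("wp-content/uploads/") and rel.endswith(".php"):
            found.append("php_in_uploads")
        if rel.endswith(extensions):
            with open(full, "rb") as f:
                data = f.read()
            found += [name for name, rx in INDICATORS.items() if rx.search(data)]
        if found:
            hits[rel] = found
    return hits


def _write(root, rel, content):
    full = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as f:
        f.write(content)


def demo():
    """Constructed scenario: baseline a tiny clean site, simulate the infection
    types from the talk, then run both checks.  Returns (integrity, indicator hits)."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "index.php", b"<?php require __DIR__ . '/wp-blog-header.php';\n")
        _write(root, "wp-blog-header.php", b"<?php // untouched core file\n")
        _write(root, "wp-content/themes/demo/functions.php", b"<?php add_theme_support('title-tag');\n")
        _write(root, "wp-content/plugins/demo/demo.php", b"<?php // demo plugin\n")
        baseline = build_baseline(root)  # taken while the site is known-good

        # Backdoor: obfuscated code appended to a theme file (blob is constructed, decodes to '...').
        _write(root, "wp-content/themes/demo/functions.php",
               b"<?php add_theme_support('title-tag');\n@eval(base64_decode('Li4u'));\n")
        # Dropped file in uploads: caught by both the baseline diff and the path rule.
        _write(root, "wp-content/uploads/.cache.php", b"<?php /* dropped file */\n")
        # Injection / malicious redirect: hidden iframe pushing visitors elsewhere.
        _write(root, "wp-content/plugins/demo/demo.php",
               b"<?php // demo plugin\n?><iframe src=\"http://malicious.example\" style=\"display:none\"></iframe>\n")
        # Deleted file: also shows up in the baseline comparison.
        os.remove(os.path.join(root, "index.php"))
        return check_integrity(root, baseline), scan_for_indicators(root)


if __name__ == "__main__":
    integrity, hits = demo()
    print("integrity:", integrity)
    print("indicators:", hits)
```

In practice the baseline would be generated from a fresh download of the same core, theme and plugin versions (or stored off-host after a clean deploy) so that an attacker who gains write access to the site cannot also rewrite the reference hashes; the indicator scan is a cheap first pass for the "Detect" step, and anything it flags still needs manual review before the "Remove" step.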

Recommended Resources

• WP Security Checklist - http://wpsecuritychecklist.com

• Clef - https://getclef.com

• iThemes Security(Better WP Security) - http://ithemes.com/security

• WP Security Lock - http://wpsecuritylock.com

• VaultPress - https://vaultpress.com

• ManageWP - https://managewp.com

“An ounce of prevention is worth a pound of cure.” - Benjamin Franklin

Thank You

•David Yarde

•Co-founder @ Sevenality

•Twitter: @dsmy

•Email: david@sevenality.com