Ekubeni okokuqala kwaziswa kwiminyaka engaphezu kwamashumi amabini edlulileyo, i-WordPress ikhulile (kwaye ikhulile) ngoku ngoku kuthiwa ikhutshwe njenge – δημοφιλές σύστημα διαχείρισης συστημάτων στον κόσμο. Namhlanje, ngaphezu kwekota iiwebhusayithi ezikhoyo ziqhutywa kwi-WordPress.


Kodwa ukususela ngexesha elidlulileyo, σε eyaziwayo kakhulu kukuba, abantu baninzi bafuna ukunyusa kwiindlela ezingenanto. Jonga nje kwi-Microsoft Windows kunye inani elikhulu le-malware, ii-virus nezinye izinto yenzelwe ukujolisa nje kule nkqubo eyodwa yokusebenza.

Iingxelo ze-10 WordPress ezininzi ezixhatshazwayo (umthombo). Uphando kwi-2017 ichonge iinguqu ze-74 ezahlukileyo ze-WordPress kwiwebhusayithi ye-Alexa Κορυφή 1 yezigidi; I-11 yale miqulu ayivumelekanga – umzekelo 6.6.6 (umthombo).

Kutheni i-blog yakho ye-WordPress ibaluleke kakhulu?

Ukuba ucinga ukuba kutheni emhlabeni unomdaka ungathanda ukulawula iblogi yakho ye-WordPress, kukho izizathu ezininzi ezibandakanya;

  • Ukusebenzisa ukuthumela ngasese i-imeyli yogaxekile
  • Bamba idatha yakho njengoluhlu lweposi okanye ulwazi lwekhadi lesikweletu
  • Ukongeza indawo yakho kwi-botnet ukuba bangayisebenzisa kamva

Ngethamsanqa, i-WordPress yinqanaba elinikeza ininzi ithuba lokuzikhusela. Xa ndikuncede ukusetha nokuphatha iiwebhusayithi eziliqela kunye namabhulogi ngokwam, ndingathanda ukwabelana nawe ezinye zezinto ezisisiseko ongayenza ukuze uncede ukukhusela isayithi lakho le-WordPress.

Ναζί izicwangciso ze-10 zokhuseleko ongazenzayo.

Khusela iphepha lakho lokungena le-WordPress

Ukukhusela iphepha lakho lokungena alikwazi ukufezwa yiphina inye in ethile, kodwa ngokuqinisekileyo kukho amanyathelo kwaye iifowuni zokhuseleko unokuthatha ukuze wenze naluphi na ukuhlaselwa okuncinci ukuphumelela.

Iphepha lakho lokungena lewebhusayithi ngokuqinisekileyo lelinye lamaphepha asengozini kakhulu kwiwebhusayithi yakho, ngoko ke masiqalise ukwenza iphepha لاکھo lokungena le-WordPress libe likhuselekile kancinane.

1. Khetha igama lomsebenzisi elilungileyo

Sebenzisa amagama abasebenzisi angaqhelekanga. Ngaphambili ngeWordPress, bekufuneka uqale usebenzise igama lomsebenzisi elisisiseko, kodwa oko akusekho njalo. Okwangoku, uninzi lwabameli abatsha bewebhu basebenzisa igama lomsebenzisi elingagqibekanga kwaye kufuneka bathintshe igama labo lomsebenzisi. Ungasebenzisa Ulawulo lweRamamer lwandisiwe ukutshintsha igama lomsebenzisi lomlawuli.

Ukunyanzeliswa kwamaphepha okungena kungenye yeendlela eziqhelekileyo zokuhlaselwa kwewebhu iwebhusayithi yakho inokuthi ijongane nayo. Ukuba unokwazi ukuqagela igama eligithisiweyo okanye igama lomsebenzisi, iwebhusayithi yakho ngokuqinisekileyo ayizukuba kukujolisa kuphela kodwa ekugqibeleni ibe lixhoba. Ukusuka kumava, uninzi lweendawo zokuzama ukukhangela izame ukungena kunye nokhetho oluphambili lwamagama abasebenzisi. Ezi zibini zokuqala zihlala ‘zilawulwa’ okanye ‘ngumlawuli’, ngelixa eyesithathu ihlala isekwe kwigama lakho lesizinda.

Ngokomzekelo, ukuba isayithi lakho liyi-crazymonkey33.com, umnqwenga angazama ukungena ngemvume nge «crazymonkey33».

Ayikho imbono efanelekileyo.

2. Qiniseka ukuba usebenzisa iphasiwedi eqinileyo

Ngoku ungacinga ukuba abantu baya kukwazi ukusebenzisa iiphasiwedi ezinamandla, ezinzima ukukhusela i-akhawunti yabo, kodwa kukho abaninzi abanokucinga ukuba «iphasiwedi» enkulu.

Idatha yeSplash uluhlu lwee- amaphasiwedi asetyenziswa rhoqo ngo-2018. Iphasiwedi ngokwezikhundla ngokwendlela yokusebenzisa.

  1. 123456
  2. inombolo yokuvula
  3. 123456789
  4. 12345678
  5. 12345
  6. 111111
  7. 1234567
  8. ilanga
  9. qwerty
  10. ndiyakuthanda

Ukuba usebenzisa enye yeephasiwedi kunye newebhusayithi yakho yamkela nayiphi na i-traffic, i-website yakho iya kufutshwa ngokukhawuleza kamva okanye kamva.

Iphasiwedi eqinileyo iya kubandakanya umxube εμείς:

  • Abalinganiswa abaphezulu nabangaphantsi
  • Yiba yi-alphanumeric (AZ kunye no-az)
  • Faka inqaku elikhethekileyo (!, @, #, $, Njl)
  • Ubuncinane ubuncinane be8

Okungaphaya kwegama lakho lephasiwedi, likhuseleke ngakumbi. Zama eli jenerethi yegama le-password xa unenkathazo ephakamileyo. https://passwordsgenerator.net/

3. Sebenzisa i-reCaptcha

I-Wall bots ukusuka kwi-blog yakho yeWP.

I-RecCaptcha yenzelwe ukuyeka izixhobo zokusebenza ngokusebenza kwisayithi. Προβατίνα, kunikezelwa ubunzima bokusetyenziswa kwezixhobo namhlanje, ezi zinokugqithiswa ngokulula, kodwa ubuncinci kukho olo lukhuseleko olongezelelweyo.

Nazi inani leeplagiza zeReCaptcha ongayisebenzisa kunye nokufakela kwakho okuya kusebenza kakhulu ehokisini.

4. Sebenzisa isiQinisekiso sezinto ezimbini (2FA)

I-2FA yindlela yokuqinisekiswa efuna ukuqinisekiswa kokungena kwakho. Umzekelo, xa ungene ngemvume ngegama lakho lomsebenzisi kunye nephasiwedi, inkqubo ingathumela i-SMS kwifowuni yakho yeselula okanye i-imeyili ngekhowudi ofuna ukuyifaka ukuqinisekisa ubungqina bakho.

Le ndlela yokuqinisekiswa inikezela ukukhuselwa kakuhle kwaye isetyenziselwa iibhanki ezininzi kunye namaziko emali namhlanje. Kwakhona, le mfuno inokudibana lula kunye I-plugin ye-2FA.

Bona indlela miniOrange (i-plugin ye-2FA) isebenza nge-WordPress yokungena kwividiyo elandelayo.

Τ

5. Qamba igama kwakhona nge-URL yokungena

Uninzi lwabaduni luya kuzama ukungena ngephepha lokungena legama elingenagama, elihlala liyinto efana

isampula.com/wp-admin.

Ukongeza olunye ugcino lokukhusela, utshintshe i-URL yekhasi lokungena ngokukhawuleza kwaye ungenakusebenza ngaphandle kwesixhobo esinjenge I-WPS Fihla ukungena.

6. Umda inani leenzame zokungena

Le yindlela enye elula ngokulula ukuyeka ukuhlaselwa ngamandla kwiphepha لاکھo lokungena kwiindawo zazo. Uhlaselo olunamandla olushushu lusebenza ngokuzama ukufumana igama lakho lomsebenzisi kunye nephasiwedi ngokufanelekileyo ngokuzama ukudibanisa ezininzi ngokuphindaphindiweyo.

Ukuba i-IP ethile eyenza ukuhlaselwa kulandelwa, ngoko unokubamba ukukhwabanisa ngokuphindaphindiweyo ukuzama ukuzama ukugcina indawo yakho ikhuselekile. Yingakho ukuhlaselwa kwe-DDOS yelizwe jikelele kwenzeka ngee-adresi ezininzi ze-IP kunye nemvelaphi eyahlukileyo yokuhlaselwa, ukuphonsa iinkonzo zokubamba kunye nekhuseleko lwewebhu kwi-guard.

Είσοδος LockDown kwaye Λύση Ασφάλεια Λύση Zombini zinikezela ngezisombululo ezinkulu zokukhusela iphepha lakho lokungena kwiwebhusayithi. Balandela iidilesi ze-IP kwaye banciphisa inani lokuzama ukungena ukukhusela iwebhusayithi yakho.

Harden Indawo ukhuseleko Wall

Sithethe ngeendlela ezahlukeneyo zokukhusela iphepha لاکھo lokungena kwi-WordPress – lawo manyathelo akhankanywe apha ngasentla ziziseko ongayenza. Kuya kufuneka wazi ukuba ezinye ii-web host ziyakuyalela ezinye zezi ndlela zokhuseleko kubasebenzisi bazo. Kukho inani lezinye izinto zokhuseleko onokuzisebenzisa kwiisayithi zakho.

7. Khusela i-κατάλογος yakho ye-wp-admin

Yongeza uluhlu olongezelelweyo lwenqophiso kwirejista yakho yempi.

Ulawulo lwe-wp-admin yintliziyo ye-WordPress yokufakela. Njengekhuselo olongezelelweyo, igama lephasiwedi likhusele le khowudi.

Ukwenza njalo, uzakufuneka ungene ngemvume kwipaneli yokulawula i-akhawunti yakho. Ingaba usebenzisa cPanel ή Plesk, ukhetho o lukhangelayo «Iphasiwedi-khusela izalathisi»

Ngenye indlela, unokukhusela i-password kwisikhangeli ngokuthi uthinte iifayile zakho .htaccess kunye .htpasswds. Iinkcukacha zenyathelo-nyathelo kunye nesikhokelo sekhowudi ziyafumaneka simahla kwa IDynamic Drive.

Qaphela ukuba iphasiwedi-ukukhusela isikhombisi sakho se-wp yaphula uluntu i-AJAX ye-WordPress -Uya kudinga ukuvumela iimvume zokulawula iAjax nge .htaccess ukuphepha naziphi na iimpazamo zesiza.

8. Sebenzisa i-SSL ukubethela idatha

Uxhumano lweHTTP εναντίον HTTPS (Umthombo: Sucuri)

Ngaphandle kwesiza ngokwaso, uya kufuna ukugcina uxhulumaniso phakathi kwakho kunye nomncedisi kwaye yilapho i-SSL ingena khona ukubethela ukuxhumana kwakho. Ngokuqhagamshelana nge-encrypted, abahlaseli abayi kukwazi ukunciphisa idatha (njengephasiwedi yakho) xa uxhulumana nomncedisi wakho.

Ngaphandle kwalokhu, kusemgangathweni ukuphumeza i-SSL ngoku ekubeni iinjongo zokukhangela ziyaqhubeka ziphosa amasayithi abawajonga ngokuthi «aphephile».

Kubablogi bodwa kunye namashishini amancinci, i-SSL yasimahla, ekwabelwana ngayo – onokuyifumana rhoqo kumboneleli wakho wokubamba, Masibhale, okanye Cloudflare -Ihlala ingaphezulu kokulunga ngokwaneleyo Kumashishini aqhuba intlawulo yabathengi-kungcono kakhulu kuwe ukuthenga isitifiketi se SSL ukusuka kumphathi wakho wewebhu okanye igunya lesitifiketi (CA ).

Funda kabanzi nge-SSL ngokubanzi Umkhokelo we-AZ kwi-SSL.

9. Δίκτυο διανομής Sebenzisa iNetwork (CDN)

Ngelixa oku akunakuyigcina indawo yakho ekutshixeni kunceda ekulweni nasekuhlaselweni kakubi. Abanye abaphethi banenjongo yokuhlisa iiwebhusayithi, bazenze bangakwazi ukufikelela kuluntu. I-CDN iya kunceda ukutsala ngokuvuthelwa kwe- Ukuhanjiswa okuchaseneyo kweNkonzo uhlaselo kwindawo yakho.

Ngaphandle kwaloo nto, inceda kwakhona ukukhawulezisa isayithi yakho encinci ngokukhupha umxholo othile. Ukuphanda olu khetho, jonga kwi-CloudFlare njengomzekelo. I-CloudFlare inikezela ngeenkonzo ze-CDN kumanqanaba amanqanaba ahlukeneyo, ngoko unokukwazi ukusebenzisa izixhobo ezisisiseko mahhala. https://www.cloudflare.com

10. Qinisekisa ukuba YONKE isoftware yakho ihlaziyiwe

Kungakhathaliseki ukuba isofthiwe esilungileyo okanye esabizi kangakanani, kuya kuba soloko kubakho ubuthathaka obutsha obufumaneka kuzo ezingabashiya zivulekele ukuzisebenzisa. I-WordPress ayikho nto kwaye iqela lihlala likhulula iinguqulelo ezintsha kunye nokulungiswa.

Χάκερς phantse bafune ukusizakala ngobuthakathaka kunye nokuxhaphazwa okuyaziwayo okushiywe kungafihliwe kumane kucele inkathazo. Oku kuhamba ngokuphindwe kabini kwiiplagi ezivame ukudala ngamakhampani amancinci anezixhobo ezincinci.

Πρόσθετα πρόσθετα Ukuba usebenzisa ii, qinisekisa ukuba uhlaziyo lukhutshwa rhoqo, okanye uqwalasele ukufumana iiplagi.

Xa uthethile oku, andikucebisi ukuba usebenzise I-WordPress ngokuzenzekelayo kunye nezibuyekezo zePlagin, ngakumbi xa usebenzisa indawo ephilayo. Ezinye izibuyekezo zingabangela iingxaki, ingaba ngaphakathi okanye ngokubambisana nezinye iiplagi kunye nezicwangciso.

Ngokufanelekileyo, yenza indawo yokuvavanya ebeka izibuko kwindawo yakho ephilayo kwaye uvavanye ukuhlaziywa apho. Xa uqinisekile ukuba yonke in isebenza kakuhle ngoko ungasebenzisa ukuhlaziywa kwisayithi ephilayo.

Iipaneli zokulawula ezifana nePlesk ikunika ukhetho lokudala ikhamera yesiza kule njongo.

11. Backup, backup kunye backup!

Kungakhathaliseki ukuba yimaphi amanyathelo okukhusela okanye ukuba uqaphele kangakanani, izingozi zenzeka. Zisindise kwi-heartbreak ephazamisayo kunye neeyure eziyi-iiyure zomsebenzi ngokuqinisekisa nje ukuba unesistim zokuncedisa ezaneleyo.

Ngokuqhelekileyo umncedisi wakho wewebhu uza kuza kunye nezinye izinto ezisisiseko zokugcina, kodwa ukuba ungeyonto efana nam, qho qinisekisa ukuba wenza iifayile zakho ezizimeleyo. Ukuxhaswa akulula nje nje ukukopisha ezinye iifayile, kodwa qwalasela ingcaciso kwi-βάση δεδομένων yakho.

Khangela isisombululo sokukhusela esilungileyo kwaye savunywa. Nokuba utyalo-mali oluncinci lufanelekile ukuba ulondoloze ngezinyembezi kwimeko yengxamiseko. Into efana BackupBuddy Unokukunceda ukugcina yonke στο equka isiseko sakho kwiziko elilodwa.

12. Indawo yakho yewebhu ibamba!

Nangona ngokuqhelekileyo, iinkampani zokubamba iwebhu zinikezela indawo yokusingatha indawo yethu, iixesha zitshintshile. Ababoneleli be-Web hosting, ekuqapheliseni isidingo esiphuthumayo sokwandisa ukhuseleko, baye baqhubela phambili, baninzi banika iinkonzo ezongezelelweyo zenkxaso-mali ukuze bazalise i-web hosting yabo.

Thatha umzekelo HostGator, elinye lamagama asekelwe ngakumbi kumdlalo. Ngaphandle kwezixhobo ezisemgangathweni ze-Cloudflare, i-HostGator (ngentengo ye- $ 10 + / mo) iphinda ifike ngoKhuselo lwe-Spam yamahhala, ukuKhutshwa kweMalware ngokuzenzekelayo, i-Backups.

Umphathi we-WordPress ophetheyo, Kinsta, yakha izixhobo zomlilo kunye nokubeka esweni iiseva zazo ze-malware kunye nokuhlaselwa kwe-DDoS ngenkqubo eyakhelwe isiko.

Ukuba le nto yinto engakaze iyenze kuwe, ndiyakhuthaza ukuba ukhangele ukuba yeyiphi impawu zokukhusela ummkeli wakho onika kwaye uyilinganise kunye nezinto ezikhoyo ngoku.

Uluhlu olubanzi unokujonga Ukuqulunqwa kwe-WHSR yeyona ndawo ingcono yewebhusayithi apha.

Ngoku kuthweni?

Ngaphambi kokuba ubalekele zasendle uze uqale ukukhangela i-intanethi ngokukrakra ukukhangela izigidi kunye nesisombululo esisodwa sokukhusela – uthathe umoya okhulu. Njengoko kunye nantoni na enye, umntu uza kukuncedisa ukwethuka kwaye ufune isisombululo.

Nangona uphumelela izicwangciso ezininzi zokukhusela njengoko unokuzifumana, ngaba wena qiniseka ukhuselekile?

Nanku apho σε efana nayo LweNanja Security kungena, okukunceda uhlole indawo yakho ngenxa yobuthathaka.

I-demo ekhawulezayo: Indlela ye-Security Ninja isebenza ngayo.

Kukho izizathu ezimbalwa eziphosakeleyo zokusebenzisa in efana ne-Security Ninja kodwa ndivumele ukuba ithuluzi endikucebisa ukuba lisetyenziswe kwizigaba ezininzi ekuhambeni kwakho ukugcina indawo yakho.

Okokuqala, yigijime kwiwebhusayithi yakho «njengokuba» – ngaphambi kokwenza nayiphi iinguqulelo. Vumela i-plugin ipake kwaye iqhube isayithi lakho ngaphambi kokuba ikunike iziphumo.

Emva koko kusekelwe kwezo ziphumo, sebenzela ukufumana indawo yakho. Ukhuseleko lwe-Ninja lwenza ngaphezulu kweemvavanyo ze-50 ukuhlola ubungqina bakho. Nangona emva kokuba wenze utshintsho lwakho, ligijime kwakhona (kunye naliphi ixesha kukho utshintsho lwesayithi okanye i-plugin ενημερώσεις) ukuvavanya indawo yakho.

Ukuba le nto ithetha njengomsebenzi omncinci kakhulu kuwe, i-Security Ninja iphinda ifikelele iimodyuli ezongeziweyo (pro version, indawo enye ye-29) enokukunceda ukulungisa iingxaki ezifumanekayo.

Ezinye izinto eziphambili kule modyuli ziquka:

  • Ukukhangela iifayile eziphambili zeWP ukufumana iifayile ezinengxaki
  • Buyisela iifayile eziguqulwe ngokukodwa
  • Hlaziya i-WP yokuhlaziya ngokuzenzekelayo
  • Ukunqanda i-IP ye-IPM emibi eyi-juta eqokelelwa kwizigidi zeendawo ezihlaselwe
  • Bhala uluhlu lwemihla-mveliso, akukho mfuneko yokwenza nayiphi na isondlo okanye umsebenzi wesikhokelo
  • Khusela ifowuni yokungena kwi-brute-force επίθεση

Τελικός Iingcinga

Nangona zonke ezi zinto zingabonakala zigqithiseleyo kumsebenzisi oqhelekileyo we-WordPress, ndiqinisekisa ukuba yonke σε (kunye nokunye) iyimfuneko. Ukungaziboni iinkcukacha ze-hack emhlabeni wonke kwaye ungenzi ixesha elithile, ndivumele ukwabelana nawe ngolwazi oluthile kwiziko ezininzi ezifihlakeleyo ndinceda ukulawula.

Ekuqaleni kwaqala njengendawo elula ye-βιογραφία, ndadala www.timothyshim.com. Kucacile ukuba, yinto nje endinokumisela kwaye ininzi yexesha ihamba yodwa, nje ngeyona nkcazelo. Ngexesha elide leenyanga, kwesi siza ayenzi nto kwaye ayiqokeleli idatha, ubhekane nokuhlaselwa kwe-30 – inhlanganisela yamandla enqabileyo kunye neyinkimbinkimbi.

Konke okufunekayo kukuba enye iphumelele kwaye ndiza kuba nayo ngempela Usuku olubi.

Jeffrey Wilson Administrator
Sorry! The Author has not filled his profile.
follow me