WordPress: 10 txoj kev coj ua zoo hauv qhov kev nyab xeeb rau cov vev xaib

WordPress: 10 txoj haujlwm zoo tshaj plaws hauv kev ruaj ntseg

WordPress: 10 txoj haujlwm zoo tshaj plaws hauv kev ruaj ntseg

WordPress (WP) yog lub npe hu ua cov nyiam CMS tshaj plaws, ntawm ntau ntau yam, tau tsim qauv nrog kev hais txog kev nkag mus cuag tau, kev ua tau zoo, thiab kev siv yooj yim, nyob hauv kev tsim kho txuas ntxiv (tam sim no version 5.2), muaj cov zej zog loj ntawm cov neeg siv ntau hom lus thiab muaj lub peev xwm loj dhau los ntawm kev siv tus kheej lossis tus thib peb cov ntsiab lus thiab ntxiv-ntxiv.

Kuj tseem ceeb heev, tab sis rau qhov ntawd, ib yam li hauv txhua cov ntawv thov lossis cov txheej txheem, txoj kev coj ua zoo yuav tsum ua raws kom ua tiav qhov kev ruaj ntseg mus ntev. Thiab hauv cov ntawv tshaj tawm no peb xav muab qee cov lus qhia yooj yim hauv qhov no.

kev taw qhia

WP yog cov CMS uas nrov tshaj plaws rau lub vev xaib, nws tseem feem ntau ua lub phiaj xwm cuam tshuam ntawm lub computer tawm tsam, yog li sib nrug los ntawm nws cov hloov kho tas li, yuav tsum muaj kev saib xyuas ntau, hloov kho, thiab cov txheej txheem kev nyab xeeb rau yog li zam qhov tsis muaj zog vim muaj kev tiv thaiv qhov tsis zoo nyob hauv cov kev sib ntxiv, cov lus tsis muaj zog, cov software ua tsis tiav, thiab ntau lwm yam, uas yog, ua tiav zoo heev txo koj qhov tsis zoo ntawm ib qho npaj lossis nres tsis tuaj.

Ntxiv rau, WP zoo li lwm yam Kev Tswj Xyuas Cov Lus Qhia (CMS) tso cai rau koj los tsim lub vev xaib sai thiab zoo thiab tom qab ntawd muab tso rau online. Nws lub peev xwm ntau rau kev ua haujlwm thiab kev loj hlob, ntawm cov qauv, cov ntsiab lus sib txuas, ua rau nws yooj yim dua puas tau ua tiav txoj haujlwm no tab sis tsis tas yuav muaj kev kawm ntev xyoo uas feem ntau xav tau rau qhov no.

Txawm li cas los, sab sib xeem tsis muaj dab tsi qab ntxiag uas tuaj yeem tshwm sim los ntawm qhov no, nws yuav yog tias qee tus thawj coj ntawm cov cuab yeej tau hais, feem ntau kev hla dhau, qhov kev ntsuas tsim nyog los xyuas kom lub vev xaib tsim los tswj hwm yog nyob nyab xeebCov. Vim li no, nws tseem ceeb kom nco ntsoov qee yam kev ntsuas dav dav thiab kev coj ua (kev coj ua zoo), hais txog WP lossis lwm qhov CMS thiab lub vev xaib kom nws nyob nyab xeeb.

Cov kev coj ua zoo

1.- Ua kom koj qhov kev ruaj ntseg dav dav

WP muaj tseeb yooj yim tshaj 30% ntawm lub hauv paus ntawm cov vev xaib nquag ntseeg hauv Is Taws Nem niaj hnub no, uas ua rau nws yog lub hom phiaj nyiam rau cov neeg siv thiab / lossis cov neeg tawm tsam (hackers / crackers) nrog kev xav zoo lossis tsis zoo. Yog li ntawd, tus neeg tau paub thiab twb tau ua tiav qhov muaj txiaj ntsig ntawm qhov chaw zoo nrog WP yuav raug sim rau lwm qhov chaw zoo sib xws nrog WP.

WordPress: 1st Kev Ua Zoo

Yog li yog tias koj tswj hwm thiab / lossis siv ib lossis ntau lub vev xaib nrog WP paub tseeb tias koj yuav ua tib zoo saib xyuas, txhij txhua thiab paub txog lawv kev ruaj ntseg online. Nco ntsoov tias feem ntau ntawm kev tiv thaiv kev nyab xeeb tshawb xyuas thiab tshaj tawm hauv cov vev xaib nrog WP muaj tsawg lossis tsis muaj dab tsi ua rau tus tub ntxhais ntawm daim ntawv thov nws tus kheej, tab sis ua ntau yam rau txhua yam ntsig txog nws kev siv, kev teeb tsa thiab kev saib xyuas dav dav, nqa tawm tsis raug los ntawm tus tsim lossis cov thawj coj. '

WordPress: Thib 2 Zoo Tshaj

2.- Paub koj cov kev tsis zoo ntawm koj

WordPress muaj txog 4.000 paub txog kev nyab xeeb ntawm kev ruaj ntseg, muab faib raws li hauv qab no: WP Core (37%), Plugins (52%) thiab Cov Ntsiab Lus (11%), raws li daim ntawv tshaj tawm tsis ntev los no ntawm WPScans lub vev xaib, uas tam sim no hu ua WPSec (txij li 01-05-2019). Tshawb nrhiav qhov kev nyab xeeb muaj teeb meem tiv thaiv koj lub vev xaib thiab nrhiav kev daws teeb meem los daws cov teeb meem no. Zam kev khiav tsis raug teeb meem ntawm WP Core, lossis nws cov plugins thiab cov ntsiab lus.

Tsom rau cov ncauj lus ruaj ntseg hauv qab no ntawm koj lub WP lossis lub vev xaib, uas yog Qhov sib txawv ntawm Tawm tsam los ntawm:

  • Lub zog quab yuam: Rov cog kev ruaj ntseg ntawm koj tus ID nkag mus.
  • Cov ntaub ntawv nrog: Ua kom muaj kev ruaj ntseg ntawm koj cov ntaub ntawv wp-config.php configuration.
  • SQL txhaj tshuaj: Ua kom muaj kev ruaj ntseg ntawm koj MySQL cov ntaub ntawv txuam nrog WP.
  • Hla Chaw Scripting: Ua kom muaj kev ruaj ntseg ntawm kev siv WP plugins.
  • Cov kab mob Malware: Rov ua kom muaj kev ruaj ntseg dav dav ntawm koj lub vev xaib kom tiv thaiv tsis tau kev tso cai, nkag mus ntawm cov malware thiab tom ntej no sau cov ntaub ntawv tsis pub lwm tus paub los ntawm cov lej phem. Qhov Malware lossis nquag tawm tsam feem ntau yog yam: Backdoor, Spam SEO, HackTool, Tus xa ntawv, Kev saib tsis taus thiab Phishing. Saib xyuas tiv thaiv koj lub xaib tiv thaiv txhua hom malware lossis kev tawm tsam.

Nco ntsoov tias ib zaug twg lub vev xaib tau txais kev pom zoo, nws txoj qeb duas SEO yuav raug kev txom nyem. Vim tias cov neeg tshawb xyuas tshawb nrhiav tau sai li lub vev xaib nyuaj siab kom cov browser yuav muab cov qhua ceeb toom ceeb toom lossis thaiv tag nrho cov peev xwm hauv cov chaw ntawd.

WordPress: Thib 3 Zoo Tshaj Tawm

3.- Paub cov txheej txheem ntawm koj tus kws muab khoom

Yog tias koj lub vev xaib siv sab nraud hosting, uas yog, ntiav lwm tus ntawm koj cov phiaj xwm, tsis txhob skimp ntawm cov nqi kom ntseeg tau tias qhov kev pabcuam zoo los ntawm koj lub koom haum hosting. Tshwj xeeb tshaj yog tias nws tuav nws lub xaib nyob rau hauv "sib koom hosting" txheej txheem.

Txij li thaum kev ua tsis tau zoo 'sib koom hosting' tuaj yeem ua rau koj lub xaib muaj kev kub ntxhov ntau thaum ib qho ntawm ntau lub vev xaib khaws cia nyob hauv tib lub server. Ntawd yog, yog tias lub vev xaib raug nyiag ntawm lub server nrog "sib koom hosting", cov neeg tawm tsam tseem tuaj yeem tau nkag mus rau lwm lub vev xaib thiab lawv cov ntaub ntawv.

WordPress: Thib 4 Zoo Tshaj Tawm

4.- Paub eweb kev specifications los ntawm koj tus muab kev pabcuam

Thaum nws los txog rau kev ntsuam xyuas lub koom haum saib xyuas, nws cov txheej txheem tsis yog txhua yam. Cov tswv yim web specifications siv los ntawm koj lub tuam txhab hosting kom ua tiav kev nyab xeeb zoo ntawm cov vev xaib hosted kuj tseem ceeb. Nco ntsoov tias nws ua raws li cov lus qhia tiv thaiv kev nyab xeeb zoo tshaj plaws rau hosting koj lub vev xaib:

  • Yooj yim installation ntawm SSL daim ntawv pov
  • Kev tswj hwm ntawm lub web server software versions.
  • Phab ntsa tiv thaiv
  • Ntaub ntawv ntawm kev nkag mus rau lub vev xaib
  • Cov kev ntsuam xyuas kev nyab xeeb txhua lub sijhawm
  • Rov ua haujlwm nrhiav haujlwm tsis zoo
  • Txhawb nqa SFTP (tsis yog FTP), TLS 1.2 thiab 1.3, thiab rau PHP 5.6, qhov tsawg kawg, txawm hais tias 7.0 onwards raug pom zoo.

Txhua yam no yog qhov tsim nyog, tsawg kawg, txhawm rau txhawm rau muaj kev ruaj ntseg ntawm koj lub vev xaib nrog lossis tsis muaj WP ua CMS siv.

WordPress - Cov Ntsiab Lus thiab Plugins: Plugins

5.- Ua zoo dev tom ntawm cov ntsiab lus thiab siv tau

Cov plugins thiab cov ntsiab lus tau muab teeb meem ntau heev ntawm kev ruaj ntseg qib. Tsom mus siv tsuas yog raug cai WP lossis Zej Zog muaj ntawv lees paub thiab plugins, los ntawm cov chaw muag khoom lag luam zoo, lossis ncaj qha los ntawm cov neeg tsim khoom lag luam zoo. Txij li ntau ntawm lawv (tsis muaj ntawv pov thawj) tuaj yeem muaj cov lej siab phem.

Nws tsis muaj teeb meem npaum li cas koj tiv thaiv koj lub vev xaib los ntawm WP yog tias koj txhim kho cov malware. Ua koj cov kev tshawb fawb ua ntej rub tawm thiab txhim kho cov ntsiab lus thiab plugins, lossis lawv cov tsim tawm lossis tsim lub vev xaib, thiab muaj koj cov chaw tshwj tseg nrog dawb lossis luv nqi.

WordPress: Thib 5 Zoo Tshaj Tawm

6.- Sim hloov kho koj CMS nquag hloov kho

Kev hloov kho tshiab rau koj lub vev xaib tseem ceeb heev rau koj qhov kev nyab xeeb. Txawm yog WP koj CMS lossis tsis yog, cov khoos phis tawm dhau los ntawm koj tus Qauv, Lub Ntsiab, lossis plugins tuaj yeem coj koj mus rau qhov chaw nkaum muaj qhov tsis paub txog ntawm koj lub vev xaib. Hais txog WP, uas yog qhov chaw qhib, muaj ib pab neeg tshwj xeeb tau saib xyuas txog qhov teeb meem no hauv Core ntawm daim ntawv thov.

Txhua qhov tsis muaj peev xwm tiv thaiv tau pom hauv WP raug kho thiab rhuav tshem tam sim ntawd txhawm rau daws txhua qhov teeb meem kev ruaj ntseg tshiab pom hauv WP. Vim tias qhov hloov tshiab ntawd WP thiab tag nrho nws cov ntsiab lus thiab plugins mus rau qhov tseeb version yog qhov tseem ceeb ntawm kev ua tiav kev ruaj ntseg zoo.

WordPress: Thib 6 Zoo Tshaj Tawm

7.- Kuv nrhiav tau tus password tsis tsim nyog

Qhov ua tau zoo lossis ua tau ntawm peb tus lej ntawm cov vev xaib yog qhov tseem ceeb heev. Kev nkag mus rau hauv peb cov vev xaib yog lub hom phiaj tseem ceeb rau kev siv cov kev pheej hmoo, vim nws muab qhov yooj yim nkag mus rau koj lub vev xaib cov nplooj ntawv.

Brute force tawm tsam yog txoj kev nquag siv los ntxias koj tus ID nkag mus, tshawb pom tus username thiab password sib txuas ua ke kom tau txais kev nkag mus rau lub vev xaib. Hauv kis tshwj xeeb ntawm WP, los ntawm lub neej ntawd nws tsis txwv tus naj npawb ntawm qhov ua yuam kev tsis nkag siab uas ib tug neeg tuaj yeem ua, yog li, qhov kev pom zoo tshaj plaws yog kev siv cov password nyuaj rau kev nkag mus ntawm koj tus thawj tswj hwm WP.

Thaum xaiv tus password, coj mus rau hauv tus lej 3 yam no tseem ceeb raws li qauv CLU (Complex, Long, Unique):

  • TSIS TXAUS SIAB: Lo lus zais yuav tsum yog nyob rau hauv ntau li ntau tau thiab tsawg kawg yog cuam tshuam nrog Tus Saib Xyuas Lub Vev Xaib lossis Lub Vev Xaib.
  • LONG: Cov password yuav tsum yog 12 lossis ntau dua cov tsiaj ntawv hauv qhov ntev. Thiab ntxiv kev tiv thaiv nrog kev txwv lossis kev txwv ntawm tus xov tooj ntawm cov kev twb kev txuas tsis tau ua tiav.
  • XWB: Tsis txhob rov qab siv lub password. Txhua tus password yuav tsum tau tshwj xeeb nyob rau hauv sijhawm. Txoj kev cai yooj yim no txwv qhov cuam tshuam ntawm ib qho zais lo lus zais.

Lus pom zoo: Siv tus thawj tswj (password) zoo li “LastPass” (online) thiab “KeePass 2” (offline) los tsim thiab khaws tag nrho koj cov lus txuas nkag rau hauv ib hom ntawv uas tsis muab zais.

WordPress: 7 Thib Zoo Zoo

8.- Yuav tsum npaj koj li phiaj xwm kev tiv thaiv thaum muaj xwm txheej phem

Yog tias koj siv WP nco ntsoov tias nws tsis muaj qhov rov qab teeb tsa qhov system. Xws li ib qho ua ntej, yog li koj ib txwm muaj hnub thaub qab ntawm koj lub vev xaib. Backups yog qhov tseem ceeb thiab ib qho kev ruaj ntseg dav dav los siv.

Tsis txhob hnov ​​qab tias koj yuav tsum tsis tsuas thim rov qab koj lub vev xaib uas siv thiab databasestab sis txhua yam lub chaw ntawm cov neeg rau zaub mov tseem ceeb los ntawm kev ua haujlwm tsis tu ncua nrog tsab ntawv los yog lub tshuab kaw lus duab, los pab txhawb kev tsim nyog thiab rov txhim kho lub sijhawm luv luv.

WordPress: Thib 8 Zoo Tshaj Tawm

9.- Ua kom koj qhov kev ruaj ntseg zoo siv 2FA

Ntxiv dag zog rau koj tus WP admin nkag mus lossis koj lub vev xaib siv ob yam txiaj ntsig pov thawj (2FA) mechanism, uas yog ib qho ntawm txoj hauv kev zoo tshaj plaws rau kev nyab xeeb koj lub vev xaib hnub no. Kev txheeb xyuas ob qho tseem ceeb ntxiv ib txheej ntxiv ntawm kev tiv thaiv rau koj lub vev xaib nkag mus, los ntawm kev xav tau tias kev siv koj tus password yuav tsum tau siv sijhawm ntxiv tus lej los ntawm lwm lub cuab yeej, xws li koj lub xov tooj smartphone, kom nkag mus tau zoo. Cov.

Hais txog ntawm WP uas tsis muaj cov haujlwm no los ntawm lub neej ntawd embed qhov ib yam los ntawm kev siv lub pluginxws li iThemes Security los sib ntxiv.

WordPress: 9 Thiv Zoo

10.- Siv yam ntxiv uas yuav tsum tau muaj cov khoom thaiv kom zoo

CMS feem ntau zoo li WP ua rau siv cov plugins kom nce qhov kev ruaj ntseg muaj peev xwm ntawm lawv tus kheej. Hauv qhov tshwj xeeb ntawm WP, kev siv ntawm lub tshuab hluav taws xob tiv thaiv hu ua iThemes Security tau pom zoo. ntxiv ib qho kev tiv thaiv ntxiv rau koj lub vev xaib. Cov ntaub ntawv no thaiv cov WP, kho qhov uas paub qhov, nres cov lus tsis siv neeg, thiab ntxiv dag zog rau tus neeg siv khoom ntiag tug.

Nws muaj tus qauv pub dawb (iThemes Security) thiab tus nqi them (iThemes Security Pro) uas pom tseeb muaj ntau dua kev ruaj ntseg zoo li 2FA, teem caij malware scans, npe neeg siv, thiab lwm yam.

xaus

Txawm hais tias nws dhau WP lossis lwm CMS, koj tuaj yeem zam qhov teeb meem kev nyab xeeb hauv lub vev xaib tsuas yog ua raws cov kev ruaj ntseg no zoo tshaj plaws lossis kev coj ua zoo. Koj lub vev xaib tsim nyog thiab yuav tsum muaj cov kev tiv thaiv kev nyab xeeb tsim nyog hauv qhov chaw los mus lav los yog tsawg dua nws cov kev tsis nkag siab hauv cov sijhawm no muaj kev ntxhov siab los ntawm cov haujlwm ntawm hackers thiab crackers.

Thaum kawg thiab ntxiv qhov ntxiv, peb pom zoo kom koj nyeem lwm kab lus no ntawm peb cov blog ntawm cov ncauj lus los ntxiv dag zog rau kev ruaj ntseg ntawm koj lub vev xaib, hu ua: Linux Kev Tso Cai rau Cov Thawj Coj ntawm Cov Txheej Txheem thiab Cov Tsim Kho.


Cov ntsiab lus ntawm tsab xov xwm ua raws li peb cov ntsiab cai ntawm kev tswj hwm kev ncaj nceesCov. Tshaj tawm ib qho yuam kev nyem no.

Yog thawj tus tuaj tawm tswv yim

Tso koj saib

Koj email chaw nyob yuav tsis tsum luam tawm. Yuav tsum tau teb cov cim nrog *

*

*

  1. Lub luag haujlwm rau cov ntaub ntawv: Miguel Ángel Gatón
  2. Lub hom phiaj ntawm cov ntaub ntawv: Tswj SPAM, kev tswj xyuas tawm tswv yim.
  3. Sau raws cai: Koj kev tso cai
  4. Kev sib txuas lus ntawm cov ntaub ntawv: Cov ntaub ntawv yuav tsis raug xa mus rau lwm tus neeg thib peb tsuas yog los ntawm kev txiav txim siab raug cai.
  5. Cov ntaub ntawv khaws cia: Cov Ntaub Ntawv khaws tseg los ntawm Occentus Networks (EU)
  6. Txoj Cai: Txhua lub sijhawm koj tuaj yeem txwv, rov qab thiab tshem tawm koj cov ntaub ntawv.