110 likes | 242 Vues
The PPT tells”How Attackers Gain Access to Your WordPress Sites”. Most WordPress site owners do not know that their eCommerce store faces the potential risk of online threats. <br>To know more about WordPress Customization Services, browse : http://www.suntecoss.com/wordpress-development-services.html
E N D
How Attackers Gain Access to Your WordPress Sites http://www.suntecoss.com/
Most Site Owners Don’t Know • Of the 1,032 survey respondents who answered: • 61.5% didn't know how the attacker compromised their website. • Large majority of respondents cleaned their sites themselves. • It is impossible to be confident that you have cleaned your site completely or not.
Plug-ins Are Your Biggest Risk • Plug-ins play a big part in making WordPress as popular as it is today. • There are 43,719 plug-ins available for download in the official WordPress plug-in directory. • Plug-in vulnerabilities represented 55.9% of the known entry points.
Keep them updated • Reputable plug-in authors fix vulnerabilities very quickly when discovered. • Check for updates at least weekly. • Opt for professional website maintenance & support services
Don’t use abandoned plug-ins • To ensure that code is free of vulnerabilities. • Avoid plug-ins that have not been updated in over 6 months. • Conduct an audit at least quarterly to make sure none of your plug-ins have been abandoned.
Download plug-ins from reputable sites only • If you are going to download plug-ins from somewhere other than the official WordPress, make sure the website is reputable. • Use these tips to determine whether a site is a reputable or not: • Eye Test • TOS and Privacy Policy • Company Information • Contact Info • Domain Search • Name Search • Vulnerability Search
Brute Force Attacks Are Still a Big Problem • It is a password guessing attack • Attacker needs to identify a valid username on your website and then guess the password • Despite the availability of methods and technology that are 100% effective, this type of attack is still a huge problem, representing 16.1% of known entry points.
Some tips for avoiding a hack via brute force attack: • Don’t use obvious usernames • Use cellphone sign-in • Secure your login screen • Understand file and folder permissions
Other Steps to Secure your Site: • Keeping WordPress core up-to-date. • The WordPress team responds quickly when an issue is reported so should you. • Make sure that you have a strong password policy for your CPanel account. • Remove any applications on your server, like phpmyadmin, that aren’t absolutely necessary. • Secure your workstation by keeping your operating system and applications up-to-date. • Store passwords securely. • Do not store passwords in plaintext in a document online. • Delete any old data you don’t need from your website.
Contact Us • For more information on WordPress development services get in touch with us at info@suntecoss.com and our experts will get back to you shortly. • Visit: http://www.suntecoss.com/wordpress-development-services.html Floor 3, Vardhman Times Plaza Plot 13, DDA Community Centre Road 44, Pitampura New Delhi - 110 034, India http://www.suntecoss.com/