前段时间我的wordpress博客被西亚一哥们给黑了,修改了我的404页面的模板,必须要说的是,其他的东西没有怎么给我动,我还是感觉很庆幸。
通过这次被黑事件,我也被迫学习了一些wordpress安全知识,让我也从中受益匪浅,还得知了一个很好用的插件WSD security,也推荐给大家。
关于WSD security:
A secure website, free from malware, where your customers can feel safe is vital to your online success. Unfortunately, the number of web hacking attacks has risen dramatically. Website security is an absolute must. If you do not protect your website, hackers can gain access to your website, modify your web content, install malware and have your site banned from Google. They could modify scripts and gain access to your customer data and their credit card details…
WebsiteDefender is an online service that monitors your website for hacker activity, audits the security of your web site and gives you easy to understand solutions to keep your website safe. With WebsiteDefender you can:
- Detect Malware present on your website
- Audit your web site for security issues
- Avoid getting blacklisted by Google
- Keep your web site content & data safe
- Get alerted to suspicious hacker activity
All via an easy-to-understand web based dashboard which gives step by step solutions! Sign up for your FREE account here.
- 检测出现在您的网站上恶意软件
- 审核你的网站的安全问题
- 避免让谷歌将你的站点列入黑名单
- 保证你网站内容和数据的安全
- 通知你可疑的黑客活动
开始上图:
此插件的安全原则主要是如下内容:
- 升级WordPress到最新版本
- 隐藏WordPress版本
- 更改WordPress用户名
- 更改WordPress用户密码
- 防止WordPress目录显示
- 保护wp-admin文件夹
- 针对搜索引擎的保护
- WordPress数据库安全,数据表最好不要使用默认的wp_开头
看了下这个插件。貌似一年没有更新了。。
Better WP Security
找到了这个。貌似下载的人蛮多。又是5星的
不是wordpress的路过
安全问题都需要注意! 😀