Ungayivikela Kanjani i-WordPress kuzinyathelo ezilula eziyi-10

Ungayivikela Kanjani Iwebhusayithi Yakho Ye-WordPress

Uyazi ukuthi ngaphezu kwama-90,000 hacks azanywa umzuzu ngamunye kumasayithi we-WordPress emhlabeni jikelele? Yebo, uma ungumnikazi wewebhusayithi enikwe amandla yi-WordPress, leyo stat kufanele ikukhathaze. Akukhathalekile ukuthi uqhuba ibhizinisi elincane. Abaduni abangabandlululi ngokuya ngosayizi noma ukubaluleka kwamawebhusayithi. Bafuna kuphela noma yikuphi ukuba sengozini okungasetshenziswa ukuze kuzuze bona.

Ungahle uzibuze - kungani izigebengu zibhekisa amasayithi e-WordPress kwasekuqaleni? Bazuzani ngokuzitika ngezinto ezimbi kangaka? 

Ake sibheke.

Kungani amaHacker Target WordPress Sites?

Kungaba ku-WordPress noma kunoma iyiphi enye ipulatifomu; ayikho iwebhusayithi ephephile kubaduni. Ukuba kakhulu ipulatifomu ethandwayo ye-CMS, Amasayithi e-WordPress ayizintandokazi zabaduni. Nakhu abakwenzayo:

  • Thola okusha ukuphepha engcupheni, okulula ukuthola kumasayithi amancane. Lapho isigebenga sifunde nganoma ibuphi ubuthakathaka noma ukuba sengozini, singasebenzisa ulwazi lwazo ukukhomba amawebhusayithi amakhulu futhi sidale umonakalo omkhulu.
  • Qondisa kabusha ithrafikhi yakho engenayo kumawebhusayithi angacelwanga. Lesi yisizathu esivamile sokukhomba amasayithi anomgwaqo omkhulu, ngenxa yalokho iwebhusayithi yangempela engalahlekelwa yibo bonke abasebenzisi bayo iye kwenye iwebhusayithi esolisayo.
  • Yenza imali noma khiqiza izimali kusuka ekuthengiseni imikhiqizo engekho emthethweni kumasayithi angempela noma ngokuhlukahluka kwe-malware njenge -hlengware noma imayini ye-crypto.
  • Thola ukufinyelela kwezengqondo noma idatha eyimfihlo njengedatha yamakhasimende, idatha yebhizinisi yangasese, noma amarekhodi ezezimali enkampani. Abaduni bangaqhubeka bathengise le datha eyebiwe ngemali noma bayisebenzisele noma iyiphi inzuzo yokuncintisana engafanele.

Manje njengoba sesazi ukuthi abaduni bangazuza kanjani ngokugqekeza okuphumelelayo noma ukuyekethisa, ake siqhubeke nokuxoxa ngezindlela eziyishumi ezivivinyiwe ukuvikela isiza seWordPress.

Izindlela Ezi-10 Eziqinisekisiwe Zokuvikela Isiza Sakho

Ngenhlanhla ye-WordPress, kunezindlela ezahlukahlukene ongazisebenzisa ukukhulisa ukuphepha kwewebhusayithi. Ingxenye ehamba phambili ngalezi zindlela ukuthi eziningi zazo aziyinkimbinkimbi futhi zingenziwa yinoma yimuphi umsebenzisi we-novice WordPress. Ngakho-ke, ake siqale. 

Isinyathelo 1: Buyekeza i-Core WordPress yakho nama-plugins nezihloko

Izinhlobo ze-WordPress eziphelelwe yisikhathi, kanye nama-plugins amadala nezindikimba kungezinye zezizathu ezivamile zokuthi amasayithi e-WordPress agqekeziwe. Abaduni bavame ukuxhaphaza izimbungulu ezihlobene nokuphepha kuma-WordPress wangaphambilini nezinguqulo ze-plugin / theme ezisasebenza kumasayithi amaningi we-WordPress.

Okuqapha kakhulu kulokhu kusongelwa ukuvuselela njalo inguqulo yakho yeCore WordPress kanye nokuvuselelwa kunguqulo yakamuva yama-plugins / izingqikithi ezifakiwe. Ukwenza lokhu, nika amandla ukusebenza kwe- "Auto Update" ku-akhawunti yakho ye-WordPress admin noma ubambe wonke ama-plugins / izingqikithi ezifakiwe njengamanje.

Isinyathelo 2: Sebenzisa i-Firewall Protection 

Abaduni bavame ukusebenzisa ama-bots azenzakalelayo noma izicelo ze-IP ukuthola ukufinyelela kumasayithi we-WordPress. Uma bephumelela ngale ndlela, abaduni bangalimaza kakhulu kunoma iyiphi isayithi. Izicishamlilo zewebhusayithi zakhiwe ukukhomba izicelo ze-IP kusuka kumakheli e-IP asolisayo futhi zivimbe izicelo ezinjalo nangaphambi kokuba zifinyelele kuseva yewebhu.

firewall
I-Firewall. Umqondo wokuphepha kolwazi. Umqondo wezobuchwepheshe uhlukaniswe kokumhlophe

 Ungaqalisa ukuvikelwa kwe-firewall kuwebhusayithi yakho ngokukhetha:

  • Izindonga zomlilo ezakhelwe ngaphakathi - kusuka enkampanini yakho yokubamba iwebhu
  • Izicishamlilo ezisuselwa emafini - isingathwe kuzingxenyekazi zangaphandle zamafu
  • Izicishamlilo ezisuselwa ku-plugin - lokho kungafakwa kusayithi lakho le-WordPress

Isinyathelo 3: Skena bese ukhipha noma iyiphi i-Malware

Abaduni baqhubeka nokuza ngokuhlukahluka okusha kwe-malware ukuyekethisa isiza. Ngenkathi enye i-malware ingadala umonakalo omkhulu ngokushesha futhi ikhubaze iwebhusayithi yakho ngokuphelele, ezinye ziyinkimbinkimbi kakhulu futhi kunzima ukuzibona ngisho nezinsuku noma amasonto. 

Isivikelo esihle kakhulu kwi-malware ukuskena njalo iwebhusayithi yakho ephelele ukuthola noma yikuphi ukutheleleka. Ama-plugins okuphepha aphezulu we-WordPress njenge-MalCare ne-WordFence kuhle ukutholwa kusenesikhathi nokuhlanzwa kwe-malware. Lawa ma-plugins ezokuphepha kulula ukuwafaka futhi awasebenzise ngisho nakubasebenzisi okungewona obuchwepheshe.

I-malware

Isinyathelo 4: Sebenzisa i-Web Host Ephephile futhi Ethembekile 

Ngaphezu kwezinguqulo ze-WordPress eziphelelwe yisikhathi nama-plugins / izingqikithi, ukusethwa kokubamba iwebhu kunezwi elibalulekile ekuvikelekeni kwewebhusayithi yakho. Isibonelo, abaduni bavame ukukhomba amawebhusayithi kungxenyekazi eyabiwe yokubamba eyabelana ngeseva efanayo phakathi kwamawebhusayithi amaningi. Yize ukusingathwa okwabiwe kungabizi kakhulu, kubaduni bangathelela kalula iwebhusayithi eyodwa ebanjelwe bese besabalalisa ukutheleleka kuwo wonke amanye amawebhusayithi.

Ukuze ube sohlangothini oluphephile, khetha uhlelo lokubamba iwebhu olunezici zokuphepha ezihlanganisiwe. Gwema ukusingathwa okwabiwe futhi, esikhundleni salokho, hamba ngokusingathwa kwe-WordPress okususelwe ku-VPS noma okuphethwe.

Isinyathelo 5: Thatha Isipele Esiphelele Sesayithi lakho le-WordPress

Izipele zewebhusayithi zingasindisa impilo uma okuthile kuhamba newebhusayithi yakho. Izipele ze-WordPress zigcina ikhophi lewebhusayithi yakho namafayela wedatha endaweni ephephile. Uma kwenzeka kube nokugenca okuphumelelayo, ungabuyisa kalula amafayela wesipele kuwebhusayithi yakho futhi wenze ukusebenza kwawo kube okujwayelekile.

Izipele ze-WordPress zingenziwa ngezindlela ezahlukahlukene, kepha inqubo enhle kakhulu yabasebenzisi okungezona ezobuchwepheshe ngama-plugins wesipele afana nawo BlogVault noma i-BackupBuddy. Kulula ukufaka nokusebenzisa, lawa ma-plugins okwenza isipele angenza imisebenzi ehlobene nokwenza isipele ukuze uhlale ugxile kwimisebenzi yakho yansuku zonke.

Isinyathelo 6: Vikela ikhasi lakho lokungena ngemvume le-WordPress

Phakathi kwamakhasi ajwayelekile wewebhusayithi aqondiswe kubaduni, ikhasi lakho lokungena ngemvume le-WordPress linganikeza ukufinyelela okulula kuma-akhawunti akho ayimfihlo kakhulu. Besebenzisa ukuhlaselwa ngamandla, abaduni bathumela ama-bots azenzakalelayo azama kaningi ukuthola ukufinyelela ku-akhawunti yakho ye-WordPress "admin" ngekhasi lokungena ngemvume.

Kunezindlela eziningana zokuvikela ikhasi lakho lokungena ngemvume. Isibonelo, ungafihla noma ushintshe i-URL yekhasi lakho lokungena lokuzenzakalelayo, okuyi-www.mysite.com/wp-admin. 

Ama-plugins wekhasi lokungena ngemvume adumile njenge- "Theme My Login" akuvumela ukuthi ufihle (noma ushintshe) ikhasi lakho lokungena ngemvume kalula.

Isinyathelo 7: Khipha noma yimaphi ama-plugins angasebenzi noma angasebenzi

Njengoba kushiwo ngaphambili, ama-plugins / izingqikithi zinganikeza isango elilula labaduni ukudala umonakalo ngewebhusayithi yakho ye-WordPress. Lokhu kuyiqiniso ngokufanayo kunoma yimaphi ama-plugins nezindikimba ezingasetshenziswanga noma ezingasebenzi. Uma ufake inombolo enkulu yalezi zinto kusayithi lakho futhi ungasazisebenzisi, kungakuhle ukuthi uzisuse noma uzibuyisele ngama-plugins / izingqikithi ezisebenzayo.

Ukwenza kanjani lokhu? Ngena ngemvume ku-akhawunti yakho ye-WordPress njenge admin umsebenzisi futhi ubuke uhlu lwama-plugins / izingqikithi ezifakiwe njengamanje. Susa wonke ama-plugins / izingqikithi ezingasasebenzi.

Isinyathelo 8: Sebenzisa amaphasiwedi aqinile

Akufanele yini lokhu kube sobala? Noma kunjalo, sisenawo amaphasiwedi abuthakathaka afana nalawa iphasiwedi futhi 123456 isetshenziswa. Abaduni ngokuvamile basebenzisa amaphasiwedi abuthakathaka ukuze benze ukuhlasela kwamandla okuphumelela.

iphasiwedi eqinile

Kubo bonke abasebenzisi bakho be-WordPress, sebenzisa eminye imihlahlandlela.Sebenzisa amaphasiwedi wezinhlamvu okungenani eziyi-8, ngokuhlanganiswa kosonhlamvukazi abakhulu nabancane, i-alphanumerics nezinhlamvu ezikhethekile. Isilinganiso sokuphepha esingeziwe kufanele kube ukushintsha amaphasiwedi wakho we-WordPress okungenani kanye ezinyangeni ezintathu.

Isinyathelo 9: Thola isitifiketi se-SSL sewebhusayithi yakho

Imfushane ngeSocket Layer Secure, isitifiketi se-SSL siyisidingo ngokuphelele kuyo yonke iwebhusayithi, kufaka phakathi amasayithi weWordPress. Kungani kubhekwa njengokuvikelekile? Yonke iwebhusayithi eqinisekiswe nge-SSL ibethela imininingwane edluliswayo phakathi kwesiphakeli sewebhu nesiphequluli somsebenzisi. Lokhu kwenza kube nzima kubaduni ukuthi babambe futhi bantshontshe le datha eyimfihlo. Yini enye? Lawa mawebhusayithi nawo athandwa yiGoogle futhi athola i- izinga eliphezulu le-Google.

i-https evikelekile ssl
Ikheli le-Inthanethi livikelekile ukubonisa esikrinini se-LCD.

Ungathola isitifiketi se-SSL kumhlinzeki wakho wokusingathwa kwewebhu osingatha isiza sakho. Kokunye, ungafaka amathuluzi afana nokuthi Masibethele kuwebhusayithi yakho ukuthola isitifiketi se-SSL.

Isinyathelo 10: Sebenzisa ukuqina kwewebhusayithi yeWordPress 

Isinyathelo sokugcina ukusebenzisa izindlela zokuqina zewebhusayithi ezinqunywe yi-WordPress. Ukuqina kweWebhusayithi yeWordPress iqukethe izinyathelo eziningana ezibandakanya:

  • Ukukhubaza isici sokuhlela ifayela ukuvimbela ukungena kwekhodi enonya kumafayela akho abalulekile we-WordPress
  • Ukukhubaza ukwenziwa kwefayela le-PHP okuvimbela abaduni ekusebenziseni amafayela we-PHP aqukethe noma iyiphi ikhodi enonya
  • Ukufihla inguqulo ye-WordPress evimbela abaduni ekutholeni inguqulo yakho ye-WordPress nokufuna noma yikuphi ukuba sengozini
  • Ukufihla amafayela we-wp-config.php nama-.htaccess asetshenziswa kakhulu ngabaduni ukulimaza isiza sakho se-WordPress

Ekuphetheni

Akukho sayithi ye-WordPress, enkulu noma encane, ephephe ngokuphelele kubaduni kanye ne-malware. Kodwa-ke, ungasithuthukisa impela isikolo sakho sokuphepha ngokulandela ngayinye yalezi zinyathelo eziyishumi ezichazwe kule ndatshana. Lezi zinyathelo kulula ukuzenza futhi azidingi ulwazi oluthuthukile lobuchwepheshe.

Ukwenza izinto zibe lula, ama-plugins amaningi okuphepha ahlanganisa eziningi zalezi zici, njengokuvikela i-firewall, ukuskena okuhleliwe, ukususwa kwe-malware, kanye nokuqina kwewebhusayithi kumkhiqizo wabo. Sincoma kakhulu ukwenza ukuphepha kwewebhusayithi kube yingxenye ebalulekile yakho uhlu lokuhlola lokugcinwa kwewebhusayithi

Sazise ukuthi ucabangani ngalolu hlu. Ngabe siphuthelwe yinoma iyiphi indlela ebalulekile yokuphepha okufanele siyenze ngokuphelele? Sazise emazwaneni akho.

UCABANGANI?

Le sayithi isebenzisa i-Akismet ukunciphisa ugaxekile. Funda ukuthi idatha yakho yokuphawula isetshenziswa kanjani.