WordPress
Security
"Surely my site won't get hacked..?"
Why security in WP?
● Why think about security in WordPress at all?
● Who would want to hack my little site?
● What are the risks?
Because..
● Avoid the site being infected with viruses.
● Avoid loss of data.
● Protection against the site going down.
● Protection against hacking.
○ What is hacking?
A typical example
● A small script (software) is uploaded to your site by a bot.
● The web host's antivirus finds the script and closes the account.
● You get an email saying that:
○ Mail is shut down
○ FTP is shut down
○ The website is unavailable
○ You are responsible for fixing it
Typical assumptions (1)
● A 16-year-old hacker in Ukraine, who calls himself 'M!sF0RstÅ1', is sitting there picking my site to be hacked.
● Wrong: Hacking is often done with software that automatically tests thousands of sites for security holes.
Typical assumptions (2)
● The risk of my site being attacked is minimal.
● Wrong: The likelihood is that if your site can be found on Google, it is attacked daily.
○ Install software to monitor attacks and see how many attempts there are.
Typical assumptions (3)
● My site is so small that it is of no interest to hackers.
● Wrong: The size of the site does not matter. It is the volume (the number of sites) that counts.
○ Every day, 30 000 sites are hacked or infected with viruses.
Typical assumptions (4)
● Websites are secure and need no further protection.
● Wrong: Websites have on average 79 serious security holes.
Statistics from 2011 - WhiteHat Security
Test your own site, e.g. at http://sucuri.net/
What can I do?
● Protect the users on your site.
○ Secure passwords
○ Remove the 'admin' username
○ Install software (plugins) that stops attacks
● Protect against data loss.
○ Backup. Easy and free.
● Keep an eye on changes.
○ Failed login attempts.
○ Changes to files.
● Keep all software up to date.
○ Old software = higher risk
● Antivirus on your computer
I don't dare update... :(
● Will the site break if you update?
○ Probably not.
● How do I avoid the site breaking?
○ Always take a backup before every update.
○ Use themes from Wordpress.org, or a professional developer.
○ Use plugins that are updated and maintained.
○ Don't be afraid to update.
Practical examples
● Install plugins/software for security
○ Cloudflare (free version, several subscription plans)
○ Better WP Security (free) or Wordfence (free)
○ Sucuri.net (antivirus, annual fee)
● Install backup
○ BackWPUp (free) - backup to email or Dropbox
○ BackupBuddy (license)
Practical examples
● How secure is my password?
○ http://howsecureismypassword.net/ - test it yourself
● Generate secure passwords
○ https://www.xkpasswd.net/
● Keep passwords in one place
○ Use LastPass - http://lastpass.com/
Works with Windows, Mac, Linux, iPhone, Android, etc.
Practical examples
● Scan your site
○ http://sucuri.net/
○ http://www.stopthehacker.com/ - requires registration
Questions
Google+ group Wordpress Open Space
Calle Hunefalk
● Phone: +45 3131 1208
● Skype: iohannis
● Twitter: @iohannis
● Facebook: https://www.facebook.com/CalleHunefalkcom
● Contact: http://callehunefalk.com/about/contact-us/
