{"id":566,"date":"2017-04-08T23:13:28","date_gmt":"2017-04-08T21:13:28","guid":{"rendered":"http:\/\/www.antynet.pl\/?p=566"},"modified":"2018-11-10T19:07:28","modified_gmt":"2018-11-10T18:07:28","slug":"wordpress-bezpieczenstwo","status":"publish","type":"post","link":"https:\/\/www.antynet.pl\/index.php\/2017\/04\/08\/wordpress-bezpieczenstwo\/","title":{"rendered":"WordPress – bezpiecze\u0144stwo"},"content":{"rendered":"

Fajny \u00a0CMS, ale … jak ka\u017cdy CMS bardzo podatny na w\u0142amania, sam core jest rewelacyjny moim zdaniem, ale wtyczki …. nie znasz dnia i godziny gdy komu\u015b si\u0119 uda w\u0142ama\u0107. Zwykle nawet tego nie zauwa\u017cysz, zaczniesz linkowa\u0107 do lewej viagry czy but\u00f3w nike. Lub oto inny: mo\u017cesz mie\u0107 takie sugestie. Odwied\u017a best online casino CC-TV<\/a> z Nederland, kt\u00f3rych ratings s\u0105 najbardziej dok\u0142adne i u\u017cyteczne. Wi\u0119c przeczytaj moje notatki. Warto przyjrze\u0107 mu si\u0119 lepiej.<\/p>\n

Wszelkie znane mi w\u0142amania do \u00a0Wordpress ( pomijaj\u0105c w\u0142amania systemowe, ftp … itp ) opieraj\u0105 si\u0119 na manipulacjach katalogu wp-admin.<\/p>\n

Wszystkie wpisy dajemy do .htaccess lub konfiguracji apache2.<\/p>\n

Najpro\u015bciej jest ograniczy\u0107 dost\u0119p do wp-admin poprzez kontrol\u0119 IP:<\/p>\n

<Directory \"\/home\/domena\/wp-admin\">\r\norder allow,deny\r\nallow from x\r\n<\/Directory>\r\n<\/pre>\n
Problem pojawia si\u0119 gdy \u0142\u0105czymy si\u0119 z panelem admina z r\u00f3\u017cnych IP… ka\u017cde IP dodawa\u0107? no mo\u017cna …. ale niewygodne.<\/p>\n
Zroby inaczej \ud83d\ude09 \u00a0Pro\u015bciej … i tak samo bezpiecznie \ud83d\ude42<\/p>\n
<Files wp-login.php>\r\n AuthName \"Admins Only\"\r\n AuthUserFile \/etc\/apache2\/password\r\n AuthGroupFile \/dev\/null\r\n AuthType basic\r\n require valid-user\r\n<\/Files>\r\n\r\n<Location \/wp-admin\/>\r\n AuthName \"Admins Only\"\r\n AuthUserFile \/etc\/apache2\/password\r\n AuthGroupFile \/dev\/null\r\n AuthType basic\r\n require valid-user\r\n<\/Location>\r\n<\/pre>\n
I wszelkie metody ataku wp-admin maja na drug\u0105 zmian\u0119 \ud83d\ude09<\/p>\n","protected":false},"excerpt":{"rendered":"
Fajny \u00a0CMS, ale … jak ka\u017cdy CMS bardzo podatny na w\u0142amania, sam core jest rewelacyjny moim zdaniem, ale wtyczki …. nie znasz dnia i godziny gdy komu\u015b si\u0119 uda w\u0142ama\u0107. Zwykle nawet tego nie zauwa\u017cysz, zaczniesz linkowa\u0107 do lewej viagry czy but\u00f3w nike. Lub oto inny: mo\u017cesz mie\u0107 takie sugestie. Odwied\u017a best online casino CC-TV […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[1,4,3],"tags":[],"class_list":["post-566","post","type-post","status-publish","format-standard","hentry","category-bez-kategorii","category-sciaga-admina","category-uslugi"],"_links":{"self":[{"href":"https:\/\/www.antynet.pl\/index.php\/wp-json\/wp\/v2\/posts\/566","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.antynet.pl\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.antynet.pl\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.antynet.pl\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.antynet.pl\/index.php\/wp-json\/wp\/v2\/comments?post=566"}],"version-history":[{"count":2,"href":"https:\/\/www.antynet.pl\/index.php\/wp-json\/wp\/v2\/posts\/566\/revisions"}],"predecessor-version":[{"id":609,"href":"https:\/\/www.antynet.pl\/index.php\/wp-json\/wp\/v2\/posts\/566\/revisions\/609"}],"wp:attachment":[{"href":"https:\/\/www.antynet.pl\/index.php\/wp-json\/wp\/v2\/media?parent=566"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.antynet.pl\/index.php\/wp-json\/wp\/v2\/categories?post=566"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.antynet.pl\/index.php\/wp-json\/wp\/v2\/tags?post=566"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}