2014 WordCamp Columbus - Dealing with a lockout

Transcript

  • 1. Good Afternoon!!!!
  • 2. My name is John Parkinson. I live in Eastern Ohio. IT Manager for engineering firm.
  • 3. 25 computers All levels of users Networking Repair Upgrade Training Programming (a little) Jack of all trades Master of none!
  • 4. Twitter - @jwparkinson jwparky@gmail.com wpknut.com
  • 5. Please leave feedback!!! @jwparkinson #wccbus
  • 6. Or use hashtag #tallguywithgrayhairandglassesandapotbelly
  • 7. WordPress user for 5 years. I am a ‘user’ not an expert! Personal, work and club websites. Also helped set up 2 other websites for Belmont County 911 center and Belmont County Emergency Management Agency (EMA).
  • 8. WordCamps in Ohio
  • 9. How many WordPress beginners?
  • 10. Dealing With Lockout
  • 11. What is a Lockout? A Lockout happens when a user tries to access a website with an incorrect username or password. After multiple unsuccessful attempts, a user is Locked Out.
  • 12. Brute Force Attack: In a brute-force attack, the attacker, or BOT, tries to enter a system by trying out a series of username/password combinations to gain access.
  • 13. Unlike hacks that focus on vulnerabilities in software, a Brute Force Attack aims at being the simplest kind of method to gain access to a site: it tries usernames and passwords, over and over again, until it gets in. Often deemed 'inelegant', they can be very successful when people use passwords like '123456' and usernames like 'admin.' They are, in short, an attack on the weakest link in any website's security: You! Or in this case……ME!!!!
  • 14. Reverse brute-force attack: In a reverse brute-force attack, a single (usually common) password is tested against multiple usernames or encrypted files. The process may be repeated for a select few passwords. In such a strategy, the attacker is generally not targeting a specific user. Reverse brute-force attacks can be mitigated by establishing a password policy that disallows common passwords.
  • 15. Not to be confused with a Denial of Service (DoS) attack: A method of attack which involves saturating the target machine with external communications requests, so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload.
  • 16. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
  • 17. http://list25.com/25-biggest-cyber-attacks-in-history/1/
  • 18. WordPress.org has 2,300 Security Plugins in the Repository
  • 19. Security Plugins will limit the number of login attempts and notify the website owner of a lockout.
  • 20. All of the Security Plugins in the world won’t do you any good if…….
  • 21. Look Familiar?
  • 22. Login to the Dashboard – User – Your Profile. And here it is!
  • 23. The Fix: Log on to your website host.
  • 24. Go to File Manager
  • 25. Go to the wp-content/plugins folder. Rename the folder. This disables the security plugin.
  • 26. Open a new tab, then log in to the website and add a new user with administrator privileges. Log out and then log in using the new username & password. Delete the old username.
  • 27. Go back to File Manager and change the name of the security plugin back to original.
  • 28. Correct Practice: Have root access to your cPanel. Two users with admin privileges on your WordPress website. A user for adding content only.
  • 29. Use good password practices: No Dictionary Words, Proper Nouns, or Foreign Words. No Personal Information. A strong, effective password requires a necessary degree of complexity: • uppercase letters such as A, B, C; • lowercase letters such as a, b, c; • numerals such as 1, 2, 3; • special characters such as $, ?, &; and • alt characters such as µ, £, Æ.
  • 30. Password Generators: https://www.grc.com/passwords.htm https://identitysafe.norton.com/password-generator http://www.whatsmyip.org/random-password-generator/
  • 31. Questions or comments
  • 32. WordPress TV
  • 33. 2,300 videos from WordCamps all over the world!
  • 34. Typical WordCamp • Let’s say 3 to 4 Tracks • And 3 sessions each in the morning and afternoon • Videos are initially edited by WordCamp volunteers • 24 presentation videos to be sent (uploaded) to WordPress TV
  • 35. WordPress TV Moderators • Speaker name • WordCamp location • Check for sound and video quality • Speakers slides • Presentation description • Schedule for publication (usually 3 or 4 a day)
  • 36. The End
  • 37. Make sure to thank the organizers, sponsors and volunteers
  • 38. Slides can be found at: http://www.slideshare.net/slideshow/embed_code/34150560 Or type ‘jwparky’ in search box and then ‘user’
  • 39. Thanks for suffering sitting through my presentation. Please leave feedback!! Enjoy the rest of the sessions!
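
Slides 11 to 14 and 19 describe lockouts, brute force and reverse brute force; the simulation below is an added example, not code from the presentation or from any security plugin. It shows a per-username attempt limit locking out a brute-force run (and the real owner with it), while a reverse brute-force run never reaches the limit and is stopped only by a password policy. The threshold, the names `LoginLimiter`, `password_allowed` and `simulate`, and the sample accounts are assumptions made for illustration.

```python
from collections import defaultdict

MAX_ATTEMPTS = 3  # assumed threshold; security plugins make this configurable
COMMON_PASSWORDS = {"123456", "password", "letmein"}  # constructed short list

class LoginLimiter:
    """Count failed logins per username; lock the name at the threshold."""
    def __init__(self, max_attempts=MAX_ATTEMPTS):
        self.max_attempts = max_attempts
        self.failures = defaultdict(int)
        self.locked = set()
        self.notices = []  # stands in for the notice sent to the site owner

    def attempt(self, username, password, accounts):
        if username in self.locked:
            return "locked"  # even the right password is refused now
        if accounts.get(username) == password:
            self.failures.pop(username, None)
            return "ok"
        self.failures[username] += 1
        if self.failures[username] >= self.max_attempts:
            self.locked.add(username)
            self.notices.append(f"lockout: {username}")
            return "locked"
        return "failed"

def password_allowed(password, username):
    """Password policy from slide 14: refuse common passwords."""
    lowered = password.lower()
    return lowered not in COMMON_PASSWORDS and lowered != username.lower()

def simulate():
    # Constructed accounts; plaintext passwords only because this is a simulation.
    accounts = {"admin": "S7$kq!vT", "editor": "123456", "author": "pL9#xw2R"}
    # Brute force: many passwords against one username, so the lockout fires.
    bf = LoginLimiter()
    guesses = ["123456", "password", "letmein", "S7$kq!vT"]
    bf_results = [bf.attempt("admin", g, accounts) for g in guesses]
    # Reverse brute force: one password across many usernames; no name
    # reaches the threshold, so only the password policy stops it.
    rbf = LoginLimiter()
    names = ["admin", "author", "editor"]
    rbf_results = [rbf.attempt(n, "123456", accounts) for n in names]
    return bf_results, bf.notices, rbf_results, rbf.notices

if __name__ == "__main__":
    print(simulate())
    print(password_allowed("123456", "editor"))
```

The fourth brute-force attempt uses the correct password and is still refused, which is the owner-side lockout that slides 23 to 27 recover from.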