Word camp orange county 2012 enduser security

Published in: Technology

1. WordPress Security: Knowledge is Power

2. Who Am I
   Hi, my name is Tony Perez | @perezbox. Marine Corps – War Vet. Sucuri Security. Objectivity and rationalism. Gun carrying, Harley riding, Martial Artist. Web-malware is my life.
   @sucuri_security @perezbox #wcoc 6/2/2012

3. What are we going to talk about?
   • Web Security
   • Look at some statistics…
   • Provide an understanding of web malware
   • Understand the threat landscape a bit…
   • Look at some of the recent trends…
   • Give some hardening tips
   • Get into the recommendations…

4. Thinking about Web Security
   Web Security: Access, Containment, Knowledge

5. The Stats

6. Web Numbers
   • > 700 Million websites – As of May 2012 – Netcraft
   • 300 Million – Number of websites in 2011 – Pingdom
   • 10.82 Billion – Number of indexed pages – WorldWebSize
   • 2.1 Billion – Number of internet users worldwide
   • Pingdom projected that: 1 Billion – 2013; 2 Billion – 2015

7. WordPress Numbers
   • 73 Million+ – Number of WP-powered sites
   • 16% – Of all websites run WordPress
   • 22 – Out of every 100 new domains in the U.S.
   • 54% – CMS market share
   • 62% – Market share of top 1,000,000 sites
   • 53% – Market share of top 100,000 sites
   • 55% – Market share of top 10,000 sites
   • Projection: 300–500 Million – 2015

8. Web Malware Numbers
   • 403 Million – Unique variants of malware, 2011
   • 140% growth – 2010–2011 in unique variants
   • 55,294 – Malicious web domains in 2011
   • 130% growth – 2010–2011 in malicious domains
   • 81% – Increase in malicious web-based attacks between 2010 and 2011
   • 42 Billion – Global SPAM per day, 2011
   (Source: Symantec Internet Security Threat Report, Vol 17)

9. Gah… NO MORE NUMBERS
   The web is growing at an unprecedented pace. WordPress growth is astronomical and gaining. Web-based malware is not far behind. To have a virtual presence you must consider the security of your website.

10. Web Security
11. Thinking about Web Security
   • Access – Minimize, Control, Authentication
   • Containment – Reduce Threat Impact, Have a Plan
   • Knowledge – Be prepared

12. Web-based Malware
   Malware – short for malicious software. This software is designed to disrupt operation of an information system (i.e., local machine, server, mobile device, etc.).
   "In 2011, malnets (malware networks) emerged as the next evolution in the threat landscape. These infrastructures last beyond any one attack." – BlueCoat 2012 Web Security Report

13. Types of Malware
   Obfuscated JavaScript; Stupid, Pointless, Annoying Messages (SPAM); Hidden & Malicious iFrames; Defacement; Embedded Trojans; Anomalies; Phishing Attempts; IP Cloaking; Malicious Redirects; Drive-by Downloads; Backdoors (e.g., C99, R57, Webshells)

14. Attack Vectors
   • User Issues – Out-of-Date Software; Social Engineering; Compromised Credentials
   • Software Issues – SQL Injection; Cross-Site Scripting (XSS); Cross-Site Request Forgery (CSRF / XSRF); Remote Execution

15. Most Common Distributions
   • Social Engineering – Trick you into installing malware; compromising credentials; websites, email, Twitter
   • Drive-by Downloads – Install malware after exploiting a vulnerability; big issue for us in the WP community; iFrame (52.6%) and JS injections (26.5%)
   • Malicious redirects – Redirect the user to another site, often one distributing malware

16. Threat Landscape
   End User, Local Environment, Application, Web Server, Administration, Network: the environmental threat landscape

17. The Attacker
   • Types – White-Hat; Ethical / Grey Hat; Script Kiddie; Hacktivist; Cracker / Black Hat
   • Culture – Has a code of ethics, heroes and villains and competing gangs; Knowledge is power; Most believe information and computer access should be freely shared; Major motivation among hackers is status; Financial gain is a strong motivation with crackers – Robin Hood mindset – ok to steal

18. But I only write about lazy lizards!!!!
   • Opportunistic Attacks
   • Road of least resistance
   • Political Agenda / Further Cause
   • Mass Exposure
   • In short – it doesn't matter what you write about, you have a virtual presence

19. Is WordPress insecure?
   • Out of the box, core is well built and secure
   • It's no longer the days of 1.5
   • A security team is in place to quickly address and patch issues
   • Extensibility – both its strength and its weakness
   • With popularity comes a target… think Windows for local environments
   • Easy target because of its exposure; attackers are focusing on the platform
   • Road of least resistance

20. Recent Vulnerabilities and Infections
   • Vulnerabilities – PHP-CGI Vulnerability – Patched; WooThemes Vulnerability – Patched; TimThumb Vulnerability – Patched
   • Campaigns – Recovery-hdd.eu Malware Campaign; Nikjju Mass Injection; GetMama Conditional Malware Campaign; .RR.NU Malware Campaign; Sweepstake Malware Campaign

21. Top reasons why we see these infections
   Poor credential management; Poor system administration; "Soup Kitchen" servers; Out-of-date software; Lack of web knowledge; Use of self-proclaimed "experts"; Cutting corners
22. So what can you do? Glad you asked

23. Reduce Threat Risk
   Update; Credentials; Communicate Securely; Themes / Plugins; Harden Your Install; Don't forget your local environment; Knowledge – Resources

24. Update, Update, Update
   • Leading cause of infections
   • If your theme is so coupled with core that it can't be updated, consider purchasing a new one
   • PHP, Core, Themes, Plugins, JavaScript…

25. Credentials (user / password)
   Basics:
   • Avoid using 'Admin' & 'Administrator'
   • Use strong passwords – Online generator: http://www.onlinepasswordgenerator.com/password.php
   • Use a password manager – LastPass – Free – Online / Mobile Access – https://lastpass.com/ ; 1Password – https://agilebits.com/onepassword
   Take-Aways:
   • Complex, unique password – upper / lower, symbols, numbers
   • Longer than 18 characters
   • Passphrases
   • Use one time – password manager
   • In short: No dates, no names, no pets, no places
   • A = @, E = 3, S = $, O = 0 – they know this

26. Data Dictionary / Defacement

27. Communicate Securely
   • Communication mechanisms – File Transfer Protocol (FTP); SSH File Transfer Protocol (SFTP); Secure Shell (SSH)
   • Tools – FileZilla, Coda, NcFTP
   • SFTP / SSH – best approach: FTP sends your password and every file in the clear, SFTP and SSH encrypt both
   • Google: How to create an SFTP account on [Host Name]
   • Google: How to enable SSH on [Host Name]

28. Safe Themes / Plugins
   • The WordPress Repository is a good place to start – 19.6k+ available plugins; 1.5k+ available themes
   • Look for good descriptions of the theme or plugin
   • Look at versions and updates; an active changelog is always good
   • Theme-Check & Plugin-Check are good tools to check for potential issues
   • Free theme? http://wpmu.org/why-you-should-never-search-for-free-wordpress-themes-in-google-or-anywhere-else/

29. Plugins To Avoid
   • WPStats.org SPAM – Fake Advanced Search Plugin – SEO poisoning – Bad – http://blog.sucuri.net/2012/05/wpstats-org-spam-and-a-fake-advanced-search-plugin.html
   • Dean's FCKEditor with PWWANGS Code for WordPress (version 1.0.0) – Upload / server control – Very Bad – http://blog.sucuri.net/2012/03/wordpress-third-party-vulnerability-deans-fckeditor-with-pwwangs-code-for-wordpress-version-1-0-0.html
   • Absolute Privacy Plugin – Known vulnerability – http://blog.sucuri.net/2012/02/vulnerability-in-the-absolute-privacy-plugin.html
   • ToolsPack Plugin – Dangerous backdoor – full access – Very Bad – http://blog.sucuri.net/2012/02/new-wordpress-toolspack-plugin.html

30. What websites are dangerous?
31. Hardening: Getting 'er done!

32. HTACCESS is your Friend
   • Configuration file for web servers using Apache
   • Features: error documents; redirects; password protection; deny visitors by IP; hotlink prevention; access prevention; more?
   • Apply these changes at your own peril: you run the risk of blowing up your site, so keep a copy of the working file to roll back to

33. Protect HTACCESS
   • Permissions <= 640 (the web server user must still be able to read it, or none of the rules load)
   • The file is named .htaccess, and <Files> matches the name exactly, so the directive has to spell it that way:
       # PROTECT HTACCESS
       <Files .htaccess>
       Order Allow,Deny
       Deny from all
       </Files>

34. Protect WP-Config
   • .htaccess, permissions <= 640
       # PROTECT WP-CONFIG
       <Files wp-config.php>
       Order Allow,Deny
       Deny from all
       </Files>

35. Authentication Keys
   • wp-config.php
   • The keys and salts are used to hash (sign) the information stored in users' authentication cookies so a cookie cannot be forged without them; they do not encrypt it. Generating a new set invalidates every existing login, which is exactly what you want after a compromise
   • Generator: https://api.wordpress.org/secret-key/1.1/salt/
   • Resource: http://codex.wordpress.org/Editing_wp-config.php

36. Database Prefix
   • Default is "wp_"; set $table_prefix in wp-config.php to something else. This only blunts canned SQL injection payloads that hard-code table names such as wp_users; it is no substitute for patched code

37. Admin User
   • Created by default in versions prior to 3.0; from 3.0 on you define your own administrator at install
   • Create a new user, apply the "administrator" role
   • Be mindful of any posts created by the "admin" user (WordPress asks which user to attribute them to when you delete)
   • Delete the "admin" user

38. Disable Directory Listing
   • Nobody should know the color of your skivvies
   • Default on most hosts, but not always
       # PREVENT DIRECTORY LISTINGS
       Options -Indexes

39. Disable Plugin / Theme Editor
   • wp-config.php file
   • Removes the ability to modify your files via the wp-admin panel, forcing you to use SFTP / SSH and your local IDE; it also takes that editor away from anyone who steals an admin session
       # Disable Plugin / Theme Editor
       define('DISALLOW_FILE_EDIT', true);

40. Permissions
   • Directories: 755
       find [path to install] -type d -exec chmod 755 {} \;
   • Files: 644
       find [path to install] -type f -exec chmod 644 {} \;
   • Important files: .htaccess = 644; wp-config.php = 600; php.ini = 600; php.cgi = 711; php5.cgi = 100
   • 600 on wp-config.php only works when PHP runs as the file's owner (suPHP, per-user FPM pools); under mod_php running as a shared server user you need 640 with that user in the group
   • Reading: http://codex.wordpress.org/Changing_File_Permissions
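The permission scheme on this slide, applied and then audited from the shell. This is an added example, not part of the deck: `harden_wp_perms` runs the two find commands above and tightens the listed files, and `audit_wp_perms` reports anything world-writable (the classic shared-host foothold) or a wp-config.php wider than 600/640. The sample tree is constructed with mktemp; it assumes GNU or BSD `stat` and that the user running it owns the files.

```sh
#!/bin/sh
# Added example: apply the slide's permission scheme to a WordPress
# install, then audit it. Not part of the original deck.

# Print a file's mode in octal (GNU stat first, BSD stat as fallback).
file_mode() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# The slide's two find commands, plus the per-file tightening it lists.
harden_wp_perms() {
  root=$1
  find "$root" -type d -exec chmod 755 {} \;
  find "$root" -type f -exec chmod 644 {} \;
  [ -f "$root/wp-config.php" ] && chmod 600 "$root/wp-config.php"
  [ -f "$root/.htaccess" ]     && chmod 644 "$root/.htaccess"
  [ -f "$root/php.ini" ]       && chmod 600 "$root/php.ini"
  return 0
}

# Audit: returns 0 when clean, 1 when something needs attention.
# World-writable paths let a neighbour on the same host drop a shell into
# your tree; wp-config.php wider than 600/640 exposes the DB credentials.
audit_wp_perms() {
  root=$1
  bad=0
  ww=$(find "$root" -perm -002 | wc -l | tr -d ' ')
  if [ "$ww" -gt 0 ]; then
    find "$root" -perm -002 -exec echo "world-writable: {}" \;
    bad=1
  fi
  if [ -f "$root/wp-config.php" ]; then
    mode=$(file_mode "$root/wp-config.php")
    case $mode in
      600|640) ;;
      *) echo "wp-config.php is $mode, expected 600 or 640"; bad=1 ;;
    esac
  fi
  return $bad
}

# Constructed demo tree (not a real install) so the script runs stand-alone.
demo=$(mktemp -d)
mkdir -p "$demo/wp-content/uploads"
printf '<?php // constructed placeholder\n' > "$demo/wp-config.php"
printf 'Options -Indexes\n' > "$demo/.htaccess"
chmod 666 "$demo/wp-config.php"   # deliberately wrong to start with
harden_wp_perms "$demo"
audit_wp_perms "$demo" && echo "audit clean: $demo"
rm -rf "$demo"
```

Run `audit_wp_perms /path/to/site` from cron after the one-time hardening; a shared host that resets modes, or a plugin that chmods its own cache directory to 777, shows up as a non-zero exit.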
41. Protect WP-Admin
   • If you have a dynamic IP this might be problematic
   • Consider HTTPS (heavy / complicated) or Basic Authentication (effective / simple)
   • .htaccess in the wp-admin directory:
       # SECURE Access to WP-ADMIN
       <FilesMatch ".*">
       Order Deny,Allow
       Deny from all
       Allow from [IP Address]
       </FilesMatch>
   • Caveat: many themes and plugins have ordinary visitors call wp-admin/admin-ajax.php, so add a <Files admin-ajax.php> section in the same file that allows from all, or the public side of the site breaks

42. Harden WP-Includes
   • Create .htaccess in the wp-includes directory
       # PROTECT WP-INCLUDES
       <FilesMatch "\.php$">
       Order Allow,Deny
       Deny from all
       </FilesMatch>
   • Caveat: on Multisite, wp-includes/ms-files.php has to stay reachable because it serves uploaded media, so test after applying

43. Harden WP-Content
   • Create .htaccess in the wp-content directory
   • Most vulnerable: it contains the Uploads directory, often the attack vector
   • It can be moved, but if you're an end-user don't touch it; hire a pro, there are lots of dependencies
       # PROTECT WP-CONTENT
       <FilesMatch "\.php$">
       Order Allow,Deny
       Deny from all
       </FilesMatch>
   • Caveat: at the top of wp-content this also denies direct requests to plugin and theme PHP files, which some of them depend on (TimThumb-style scripts, for one). No PHP should ever execute under wp-content/uploads, so start there and widen only after testing

44. Limit Upload
   • Most shells are < 1 MB, so a size cap will not stop a small backdoor by itself
   • Good idea anyway: it caps oversized POST bodies
       # limit request body (uploads) to about 10 MB
       LimitRequestBody 10240000

45. Protect Against Bots
   Malnets are a growing problem; proactively protect against them using a Web Application Firewall. Perishable Press – 5G Blacklist 2012: http://perishablepress.com/5g-blacklist-2012/

46. 5G WordPress Add-On
   • Don't want to add all that other stuff? No problem, try this condensed version for WordPress
   • Doesn't require the 5G Blacklist and helps protect against bad URL requests, i.e., helps take the load off your server from these very annoying requests
   • Source: http://perishablepress.com/wordpress-5g-blacklist/
   • Careful – wp-signup is required for Multisite

47. Secure Login Page
   • There are a number of plugins you can use for this, or you can turn to your .htaccess again
   • Might be an issue if your IP is not static…
       <Files wp-login.php>
       Order Deny,Allow
       Deny from all
       Allow from [Your IP]
       </Files>

48. Protect against XSS
   • Deny bad query strings. This is a blunt pattern blacklist for common probes (path traversal, SQL keywords, encoded angle brackets and quotes); it raises the bar for automated scanners but is not a fix for cross-site scripting, which only output escaping in the code fixes
   • It also blocks legitimate traffic: tag= archives, searches containing "select" or "drop", and any search term with non-ASCII characters (the %C, %D, %E and %F alternatives match the lead byte of every multi-byte UTF-8 character). Test it against your own access logs before deploying
       # QUERY STRING EXPLOITS
       <IfModule mod_rewrite.c>
       RewriteCond %{QUERY_STRING} \.\./ [NC,OR]
       RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
       RewriteCond %{QUERY_STRING} tag= [NC,OR]
       RewriteCond %{QUERY_STRING} ftp: [NC,OR]
       RewriteCond %{QUERY_STRING} http: [NC,OR]
       RewriteCond %{QUERY_STRING} https: [NC,OR]
       RewriteCond %{QUERY_STRING} mosConfig [NC,OR]
       RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|"|;|\?|\*).* [NC,OR]
       RewriteCond %{QUERY_STRING} ^.*(%22|%27|%3C|%3E|%5C|%7B|%7C).* [NC,OR]
       RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
       RewriteCond %{QUERY_STRING} ^.*(globals|encode|config|localhost|loopback).* [NC,OR]
       RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* [NC]
       RewriteRule ^(.*)$ - [F,L]
       </IfModule>
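The same conditions replayed against sample query strings, so you can see what the rule set blocks before it goes live. This is an added example, not part of the deck: `is_blocked_query` carries each RewriteCond pattern over to grep (Apache's [NC] flag is case-insensitive, hence `-i`), and the sample query strings below are constructed, two real-looking probes followed by traffic any WordPress site sees every day.

```sh
#!/bin/sh
# Added example (not from the deck): dry-run the slide's "QUERY STRING
# EXPLOITS" conditions against sample query strings.

# Returns 0 ("blocked") when the query string matches any condition the
# rule set would match, 1 otherwise. Patterns mirror the RewriteConds.
is_blocked_query() {
  printf '%s' "$1" | grep -Eiq \
    -e '\.\./' -e 'boot\.ini' -e 'tag=' -e 'ftp:' -e 'https?:' -e 'mosConfig' \
    -e '[][()<>";?*]' \
    -e '%22|%27|%3C|%3E|%5C|%7B|%7C' \
    -e '%0|%A|%B|%C|%D|%E|%F|127\.0' \
    -e 'globals|encode|config|localhost|loopback' \
    -e 'request|select|insert|union|declare|drop'
}

# Reads query strings on stdin, prints one verdict per line: BLOCK or PASS.
classify_queries() {
  while IFS= read -r q; do
    if is_blocked_query "$q"; then echo "BLOCK $q"; else echo "PASS  $q"; fi
  done
}

# Constructed samples. The last three are legitimate requests (a tag
# archive, a search for "dropbox", a search for "café") that the rule set
# rejects: "tag=", the "drop" keyword and the %C lead byte all match.
classify_queries <<'EOF'
../../../etc/passwd
id=1+union+select+1,2
p=42
cat=7&paged=2
tag=security
s=dropbox
s=caf%C3%A9
EOF
```

To test the rules against real traffic, feed the query-string column of your access log through `classify_queries` and read the BLOCK lines: every one of those is a visitor the rewrite would have turned away with a 403.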
49. SPAM Comments
   • SPAM in your comments can get you blacklisted just as fast as injections on your pages
   • Disable comments on pages if you don't want them
   • Set comments to close after a certain amount of time: Settings > Discussion > Other Comment Settings > Automatically close comments on articles older than XX days
   • Use Akismet

50. Cross-Site Contamination
   • Most of the things provided so far help protect you from external attacks. Internal attacks are just as prevalent
   • Growing problem – "Soup Kitchen" servers: development, staging, testing and production all in one environment. Every site under the same account can write to every other, so one forgotten test install compromises them all
   • http://blog.sucuri.net/2012/03/a-little-tale-about-website-cross-contamination.html
   • http://blog.sucuri.net/2012/03/website-cross-contamination-blackhat-seo-spam-malware.html

51. Security Plugins
   • Sucuri Clients – Sucuri Security – Free to clients: Web Application Firewall; Integrity Monitoring; Auditing; Hardening. More: http://sucuri.net/services/preventive
   • Not a client? No problem, other good options include:
     Login Lock – http://wordpress.org/extend/plugins/login-lock/
     WordPress File Monitor – http://wordpress.org/extend/plugins/wordpress-file-monitor/
     WordPress Firewall 2 – http://wordpress.org/extend/plugins/wordpress-firewall-2/
     BulletProof Security – http://wordpress.org/extend/plugins/bulletproof-security/

52. Still have a malware problem?

53. Two Approaches
   • Do it Yourself – Forums are your friend; requires time and patience; leverage free tools; know when you're in over your head; can take time – hours, days, weeks, months
   • Hire a Professional – Will cost money; alleviates the stress; gets you up and running in hours, if not days

54. Support Forums
   • WordPress.org – Hacked: http://wordpress.org/tags/hacked ; Malware: http://wordpress.org/tags/malware
   • BadwareBusters.org – https://badwarebusters.org/

55. Things to Know when Engaging Professionals
   • Know who your host is and how to contact them in the event of an emergency
   • Know how to access your server – FTP, SFTP, SSH, FTPS
   • Have a backup accessible
   • Tips: http://blog.sucuri.net/2012/04/ask-sucuri-what-should-i-know-when-engaging-a-web-malware-company.html

56. Tips & Tricks
   After all this you might still become infected; if you do, here are a few tips to keep you going:
   1. Immediately change all credentials – wp-admin, database, cPanel
   2. Log into your database and check all the users
   3. Replace WP manually – avoid the default updater
   4. Defacements – look at your index files (watch out for ".html" and "index2.php")
   5. Use a live scanner: http://sitecheck.sucuri.net
   6. Use the terminal to grep and find the issues reported
   7. Restore the site from a clean backup
   8. Purge your cache
   9. Disable plugins, validate each plugin
   10. Engage a professional
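Steps 4 and 6 of that checklist as one repeatable triage pass. This is an added example, not part of the deck: it lists PHP files under uploads (WordPress only ever writes media there), files calling the obfuscation functions injected backdoors lean on, stray index files at the web root, and PHP changed within the last N days. The sample tree is constructed in a temp directory; the function and file names are this example's own. Core and some plugins legitimately call base64_decode(), so hits outside uploads are leads to diff against a clean copy, not verdicts, which the constructed wp-includes file below is there to show.

```sh
#!/bin/sh
# Added example (not from the deck): the "grep and find" step of the
# slide's checklist as a triage pass over a WordPress install.

# 1) PHP under uploads is never legitimate.
php_in_uploads() {
  find "$1/wp-content/uploads" -type f -name '*.php' 2>/dev/null
}

# 2) Files using the primitives obfuscated backdoors rely on. Noisy on
#    purpose: core also calls base64_decode(), so compare hits against a
#    clean copy of the same version before deleting anything.
obfuscated_php() {
  grep -rliE 'eval\(|base64_decode\(|gzinflate\(|str_rot13\(|preg_replace\(.*/e' \
    --include='*.php' "$1" 2>/dev/null
}

# 3) Defacement check (step 4): index-style files at the web root that a
#    stock install does not ship (it has index.php and readme.html only).
odd_index_files() {
  find "$1" -maxdepth 1 -type f \( -name 'index*.php' -o -name '*.html' \) \
    ! -name 'index.php' ! -name 'readme.html'
}

# 4) PHP changed in the last $2 days; if you have not updated in that
#    window, nothing should be listed.
recent_php() {
  find "$1" -type f -name '*.php' -mtime "-$2"
}

# Union of the first three finders, one path per line, de-duplicated.
# "|| :" keeps the pass going when a finder has no hits (grep exits 1).
suspicious_files() {
  { php_in_uploads "$1" || :; obfuscated_php "$1" || :; odd_index_files "$1" || :; } \
    | sort -u
}

# Constructed demo tree (not a real install) so the script runs stand-alone:
# one clean theme file, one shell in uploads, one core-like file that uses
# base64_decode() legitimately, one stray index2.html at the root.
demo=$(mktemp -d)
mkdir -p "$demo/wp-content/uploads/2012/05" "$demo/wp-content/themes/t" "$demo/wp-includes"
printf '<?php echo "hello"; ?>\n' > "$demo/wp-content/themes/t/functions.php"
printf '<?php eval(base64_decode($_POST["c"])); ?>\n' > "$demo/wp-content/uploads/2012/05/image.php"
printf '<?php $h = base64_decode($s); ?>\n' > "$demo/wp-includes/noise.php"
printf '<html>defaced</html>\n' > "$demo/index2.html"
printf '<?php echo 1; ?>\n' > "$demo/index.php"
suspicious_files "$demo"
recent_php "$demo" 1
rm -rf "$demo"
```

Run it as `suspicious_files /path/to/site > leads.txt` before touching anything, so the list survives the restore from backup in step 7 and you can check that none of the leads came back.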
57. Online Resources

58. FREE Real Time Virus Scanners
   • Sucuri SiteCheck: http://sitecheck.sucuri.net
   • Unmask Parasites: http://unmaskparasites.com/

59. Blacklisting Authorities
   • Google – Chrome, Firefox; Search Engine Results Page (SERP); http://www.google.com/webmaster/tools ; http://www.google.com/safebrowsing/diagnostic?site=[your site]
   • Bing – Internet Explorer; http://www.bing.com/toolbox/webmaster/
   • Norton – Facebook; http://safeweb.norton.com/
   • AVG – Opera; http://www.avgthreatlabs.com/sitereports/

60. Useful Plugins
   • Know what you're using: Theme-Check (Authors: Pross, Otto42) – http://wordpress.org/extend/plugins/theme-check/ ; Plugin-Check (Author: Pross) – http://wordpress.org/extend/plugins/plugin-check/
   • Protect against comment SPAM: Akismet (Authors: Matt, Ryan, Andy, mdawaffe) – http://wordpress.org/extend/plugins/akismet/ – still offers a free service
   • Backups are your friend: BackupBuddy (Author: iThemes) – http://pluginbuddy.com/purchase/backupbuddy/

61. Online Reading
   • http://blog.sucuri.net/2012/04/lockdown-wordpress-a-security-webinar-with-dre-armeda.html
   • http://blog.sucuri.net/2012/04/ask-sucuri-how-to-stop-the-hacker-and-ensure-your-site-is-locked.html
   • http://blog.sucuri.net/2012/04/ask-sucuri-what-should-i-know-when-engaging-a-web-malware-company.html
   • http://codex.wordpress.org/Hardening_WordPress
   • http://codex.wordpress.org/FAQ_My_site_was_hacked
   • http://wpsecure.net/

62. Online Tools
   • http://www.botsvsbrowsers.com/SimulateUserAgent.asp
   • http://www.tareeinternet.com/scripts/base.html
   • http://www.tareeinternet.com/scripts/decrypt.php

63. Tony Perez
   • Company: Sucuri Security
   • Company site: http://sucuri.net
   • Company blog: http://blog.sucuri.net
   • Personal blog: http://perezbox.com
   • Twitter: http://twitter.com/perezbox
   • LinkedIn: http://linkedin.com/in/perezbox
   • Email: tony@sucuri.net