Uhla lwemibhalo ye-athikili
- 1 I-WP Secure Login Plugin Iyanconywa
- 1.1 Ukuphepha kwe-akhawunti yomsebenzisi
- 1.2 Ukuphepha kokungena komsebenzisi
- 1.3 Ukuphepha kokubhaliswa komsebenzisi
- 1.4 ukuphepha kwesizindalwazi
- 1.5 ukuphepha kwesistimu yefayela
- 1.6 Ikhophi yasenqolobaneni yefayela le-HTACCESS ne-WP-CONFIG.PHP futhi ulibuyisele
- 1.7 Umsebenzi we-Blacklist
- 1.8 Umsebenzi we-firewall
- 1.9 Ukuvimbela ukungena ngemvume kwe-Brute force
- 1.10 WHOIS ukubheka
- 1.11 isithwebuli sokuphepha
- 1.12 Beka amazwana kugaxekile uphephile
- 1.13 Ukuvikela ikhophi yombhalo osekupheleni
- 1.14 Izibuyekezo ezivamile kanye nokwengezwa kwezici ezintsha zokuphepha
- 1.15 Isebenza nama-plugin aziwa kakhulu e-WORDPRESS
- 1.16 Izici ezengeziwe
- 2 Imibuzo ebuzwa njalo
- 3 Isevisi ayitholakali okwamanje
WordPressUkulungiselelwa kwe-plug-in yokuvikela ukuphepha kwewebhusayithi:
Konke Ku-One WP Security & Firewall
senzaUkukhuthazwa Kwewebhu, kwenze ngewebhusayithiSEOUkumaketha, kuyenzeka ukuthi ukuvikelwa kwewebhusayithi kubaluleke kakhulu.
ezinyeimidiya entshaAbantu abafuna ukwenza umsebenzi omuhle ekuvikelekeni kwewebhusayithi ye-WordPress, bakhononda ngalawa ma-plugin okuphepha we-WP we-2:
- 1) I-Wordfence
- 2) I-iThemes Security
Ngisho nemisebenzi eyisisekelo kakhulu yokuthekelisa kanye nezilungiselelo zokungenisa kumele zikhokhelwe enguqulweni yobungcweti ngaphambi kokuba zisetshenziswe, hehe!
I-WP Secure Login Plugin Iyanconywa
U-Chen WeiliangSesha ngokucophelela ku-WP esemthethweni, futhi uthole lokhu maduzeI-plugin ye-WP:
- 3) Konke Ku-One WP Security & Firewall
Umehluko omkhulu kusukela kokubili kokuqala ukuthi abasebenzisi bamahhala bangasebenzisa izilungiselelo ezigcwele zokuvikela iwebhusayithi.
Okubaluleke kakhulu, ungasebenzisa umsebenzi wokungenisa nokuthekelisa izilungiselelo mahhala ▼
Ukusetha umsebenzi wokungenisa nokuthekelisa we-All In One WP Security & Firewall plugin, sicela uchofoze inketho Yokuphepha ye-WP "Izilungiselelo" ▼
Ngezansi uhlu lwezokuphepha ze-WordPress nezici zokuvikela ezinikezwe i-plugin:
Ukuphepha kwe-akhawunti yomsebenzisi
- Thola ukuthi ingabe ikhona i-akhawunti yomsebenzisi enegama lomsebenzisi elithi "admin" elizenzakalelayo futhi uguqule kalula igama lomsebenzisi libe ivelu olithandayo.
- I-plugin izophinde ibone uma unama-akhawunti womsebenzisi we-WordPress anegama elifanayo lokungena nokubonisa.Ukucabangela lapho igama lesibonisi lifana khona nokungena kuwumkhuba omubi wokuvikela, njengoba usuvele ukwazi ukungena ngemvume.
- Ithuluzi Lamandla Ephasiwedi elikuvumela ukuthi udale amaphasiwedi aqine kakhulu.
- Misa ikhasi lomsebenzisi.Ngakho abasebenzisi/ama-bots abakwazi ukuthola ulwazi lomsebenzisi ngama-permalinks ababhali.
Ukuphepha kokungena komsebenzisi
- Sebenzisa isici sokuvala ukungena ukuze uvimbele "ukuhlasela kokungena ngenkani ngenkani".Abasebenzisi abanamakheli e-IP athile noma ububanzi bazokhiyelwa ngaphandle kwesistimu isikhathi esinqunyiwe kusengaphambili ngokusekelwe kuzilungiselelo zokucushwa, futhi ungakhetha ukwaziswa nge-imeyili yabantu abavalelwe ngaphandle ngenxa yemizamo yokungena ngemvume eyeqile.
- Njengomlawuli, ungabuka uhlu lwabo bonke abasebenzisi abakhiyiwe oluboniswe kuthebula elifundeka kalula nelizulazulayo, noma uvule amakheli e-IP angawodwana noma amaningi ngokuchofoza inkinobho.
- Phoqa ukuphuma kwabo bonke abasebenzisi ngemuva kwesikhathi esilungisekayo
- Qapha/buka imizamo yokungena ehlulekile, ebonisa ikheli le-IP lomsebenzisi, igama lomsebenzisi/igama lomsebenzisi kanye nosuku/isikhathi sokuhluleka kokuzama ukungena ngemvume
- Gada/buka umsebenzi we-akhawunti wawo wonke ama-akhawunti abasebenzisi ohlelweni ngokulandelela igama lomsebenzisi, ikheli le-IP, idethi yokungena/isikhathi kanye nosuku/isikhathi sokuphuma.
- Ikhono lokukhiya ngokuzenzakalelayo ububanzi bekheli le-IP elizama ukungena ngamagama abasebenzisi angavumelekile.
- Ikhono lokubuka uhlu lwabo bonke abasebenzisi abangene kuwebhusayithi yakho njengamanje.
- Ikuvumela ukuthi ucacise ikheli le-IP elilodwa noma amaningi ohlwini oluthile olugunyaziwe.Amakheli e-IP agunyaziwe azokwazi ukufinyelela ikhasi lakho lokungena le-WP.
- intandoIkhodi yokuqinisekisaKwengezwe kwifomu lokungena le-WordPress.
- Faka i-captcha kufomu lakho lephasiwedi lokungena le-WP elikhohliwe.
Ukuphepha kokubhaliswa komsebenzisi
- Nika amandla ukugunyazwa okwenziwa ngesandla kwama-akhawunti omsebenzisi we-WordPress.Uma iwebhusayithi yakho ivumela abasebenzisi ukuthi bazenzele ama-akhawunti abo ngokubhaliswa kwe-WordPress, unganciphisa ukubhaliswa kogaxekile noma okungelona iqiniso ngokugunyaza ukubhaliswa ngakunye.
- Ikhono lokwengeza i-captcha ekhasini lokubhalisa lomsebenzisi we-WordPress ukuvimbela ukubhaliswa komsebenzisi ogaxekile.
- Ikhono lokwengeza i-WordPress kumafomu okubhalisa abasebenzisi be-WordPress ukunciphisa imizamo yokubhalisa ye-bot.
ukuphepha kwesizindalwazi
- Ngokuchofoza inkinobho, ungasetha isiqalo esizenzakalelayo se-WP sibe yinani olithandayo.
- Hlela izipele ezizenzakalelayo nezaziso ze-imeyili, noma izipele zedathabhesi esheshayo ngokuchofoza okukodwa nje.
ukuphepha kwesistimu yefayela
- Khomba amafayela noma amafolda anezilungiselelo zemvume engavikelekile futhi usethe izimvume kumanani okuphepha anconyiwe ngokuchofoza inkinobho.
- Vikela ikhodi yakho ye-PHP ngokukhubaza ukuhlelwa kwefayela endaweni yokuphatha ye-WordPress.
- Buka kalula futhi uqaphe wonke ama-syslog osokhaya ekhasini elilodwa lemenyu, futhi uhlale unolwazi nganoma yiziphi izinkinga noma izinkinga ezenzeka kuseva yakho ukuze kuxazululwe izinkinga ngokushesha.
- Vimbela abasebenzisi ekufinyeleleni amafayela esayithi lakho le-WordPress elithi readme.html, license.txt kanye ne-wp-config-sample.php.
Ikhophi yasenqolobaneni yefayela le-HTACCESS ne-WP-CONFIG.PHP futhi ulibuyisele
- Yenza isipele kalula amafayela akho asekuqaleni .htaccess kanye ne-wp-config.php uma kwenzeka udinga ukuwasebenzisa ukuze ubuyisele ukusebenza okuphukile.
- Lungisa okuqukethwe kwefayela elisebenzayo .htaccess noma i-wp-config.php kusuka kuphaneli yokulawula yomqondisi ngokuchofoza okumbalwa nje
Umsebenzi we-Blacklist
- Vimbela abasebenzisi ekucaciseni ububanzi be-IP ngokucacisa amakheli e-IP noma ukusebenzisa amakhadi asendle.
- Vimbela umsebenzisi ngokucacisa umenzeli womsebenzisi.
Umsebenzi we-firewall
Uma ungenisa izilungiselelo zisuka kwamanye amawebhusayithi, bese ubheka "Vumela I-404 IP Detection and Lockout": Sicela uqinisekise ukuthi usetha i-URL ethi "404 Lockout Redirect URL" kunketho ye-"Firewall", kungenjalo izoqondiswa kabusha kwamanye amawebhusayithi ▼
Le plugin ikuvumela ukuthi wengeze kalula ukuvikelwa kwe-firewall kuwebhusayithi yakho ngokusebenzisa amafayela we-htaccess.Iseva yakho yewebhu isebenzisa ifayela le-htaccess ngaphambi kokuthi noma iyiphi enye ikhodi kuwebhusayithi yakho isebenze.
Ngakho-ke, le mithetho ye-firewall izovimba imibhalo enonya ekubeni nethuba lokufinyelela ikhodi ye-WordPress kuwebhusayithi yakho.
- Indawo yokulawula ukufinyelela.
- Yenza kusebenze ngokushesha uhla lwezilungiselelo zohlelo lokuvikela kusukela kokuyisisekelo, okumaphakathi nokuthuthukile.
- Nika amandla umthetho odumile we-"5G Blacklist".
- Ukuthunyelwa kwamazwana ommeleli akuvunyelwe.
- Vimba ukufinyelela kumafayela okungena okulungisa iphutha.
- Khubaza ukulandelela nokulandelela.
- Izinhlamvu zombuzo ezinonya noma ezinonya ziyenqatshwa.
- Vimbela umbhalo we-cross-site scripting (XSS) ngokwenza kusebenze isihlungi seyunithi yezinhlamvu ezithuthukisiwe.
Noma ama-bot ayingozi angenawo amakhukhi akhethekile kuziphequluli zawo.Wena (umphathi wewebhusayithi) uzokwazi ukusetha leli khukhi elikhethekile futhi ukwazi ukungena ngemvume kuwebhusayithi yakho. - Isici sokuvikela ubungozi be-WordPress PingBack.Lesi sici sohlelo lokuvikela sivumela abasebenzisi ukuthi bavimbe ukufinyelela kufayela le-xmlrpc.php ukuze banqande ubungozi obuthile esicini se-pingback.Lokhu futhi kusiza ekuvimbeleni ama-bots ukuthi angafinyeleli njalo ifayela le-xmlrpc.php nokumosha izinsiza zeseva yakho.
- Ikhono lokuvimba ama-Googlebots mbumbulu ekukhaseni isayithi lakho.
- Iyakwazi ukuvimbela i-hotlinking yesithombe.Sebenzisa lokhu ukuze uvimbele abanye ekuxhumaniseni izithombe zakho.
- Ikhono lokungena yonke imicimbi engu-404 kuwebhusayithi yakho.Ungaphinda ukhethe ukuvimba ngokuzenzakalela amakheli e-IP ngama-404 amaningi kakhulu.
- Ikhono lokwengeza imithetho yangokwezifiso ukuvimba ukufinyelela kuzinsiza ezahlukahlukene kuwebhusayithi yakho.
Ukuvimbela ukungena ngemvume kwe-Brute force
- Misa ukuhlasela kokungena ngenkani ngokushesha ngesici sethu esikhethekile sokuvimbela ukungena ngemvume kwe-brute force.Lesi sici se-firewall sizovimba yonke imizamo yokungena kubantu nama-bots.
- Ikhono lokwengeza i-captcha yezibalo elula kumafomu okungena e-WordPress ukuze uvikele ekuhlaselweni kokungena ngemvume okunamandla.
- Ikhono lokufihla ikhasi lokungena lomlawuli.Qamba kabusha i-URL yekhasi lakho lokungena le-WordPress ukuze ama-bots nabaduni bangakwazi ukufinyelela i-URL yakho yokungena ye-WordPress yangempela.Lesi sici sikuvumela ukuthi uguqule ikhasi lokungena elizenzakalelayo (wp-login.php) kunoma yini oyilungisayo.
- Ikhono lokusebenzisa i-honeypot yokungena ngemvume, ezosiza ukunciphisa imizamo yokungena nge-brute force ngama-bots.
WHOIS ukubheka
- Bheka i-WHOI yabasingathi abasolisayo noma amakheli e-IP futhi uthole imininingwane egcwele.
isithwebuli sokuphepha
- Iskena Sokuthola Ukushintsha Kwefayela singakuxwayisa uma kukhona amafayela ohlelweni lwakho lwe-WordPress ashintshile.Ungabe usuphenya ukuze ubone ukuthi lolu wushintsho olusemthethweni, noma uma ngabe ikhodi ethile embi ifakiwe.
- Umsebenzi wesithwebuli sesizindalwazi ungasetshenziswa ukuskena amathebula esizindalwazi.Ibheka noma yiziphi izintambo ezivamile ezisolisayo, i-JavaScript kanye nekhodi ethile ye-html kumathebula ayisisekelo e-WordPress.
Beka amazwana kugaxekile uphephile
- Gada amakheli e-IP asebenza kakhulu ahlala ekhiqiza amazwana amaningi ogaxekile futhi uwavimbe ngaso leso sikhathi ngokuchofoza inkinobho.
- Ungavimbela amazwana ukuthi athunyelwe uma engaveli esizindeni sakho (lokhu kuzonciphisa okunye okuthunyelwe kogaxekile kusayithi lakho).
- Engeza i-captcha efomini lakho lamazwana le-WordPress ukuze uthole ukuphepha okwengeziwe ngokumelene nogaxekile wamazwana.
- Vimba ngokuzenzekelayo futhi unomphela amakheli e-IP adlula inani elithile lamazwana amakwe njengogaxekile.
Ukuvikela ikhophi yombhalo osekupheleni
- Ikhono lokukhubaza ukuchofoza kwesokudla, ukukhetha umbhalo kanye nezinketho zokukopisha ze-frontend yakho.
Izibuyekezo ezivamile kanye nokwengezwa kwezici ezintsha zokuphepha
- Ukuphepha kwe-WordPress kuye kwavela ngokuhamba kwesikhathi.Ababhali be-plugin bazobuyekeza njalo i-plugin yezokuphepha ye-All In One WP ngezici ezintsha zokuphepha (kanye nezilungiso uma kudingeka) ukuze uqiniseke ukuthi isayithi lakho lizoba senqenqemeni lobuchwepheshe bezokuphepha.
okwaziwayo kakhuluI-plugin ye-WORDPRESS
- Kufanele isebenze kahle ngama-plugin aziwa kakhulu e-WordPress.
Izici ezengeziwe
- Ikhono lokususa imininingwane ye-meta ye-WordPress kusuka kukhodi yomthombo we-HTML yewebhusayithi yakho.
- Ikhono lokususa ulwazi lwenguqulo ye-WordPress kumafayela e-JS ne-CSS kuhlanganise newebhusayithi yakho.
- Ikhono lokuvimbela abantu ukuthi bafinyelele amafayela e-readme.html, license.txt kanye ne-wp-config-sample.php
- Ikhono lokukhiya isikhashana izivakashi ezingaphambili nezivamile zesayithi ngenkathi wenza imisebenzi ehlukahlukene yangemuva (uphenya ngokuhlaselwa kokuphepha, ukwenza ukuthuthukiswa kwesayithi, ukwenza umsebenzi wokulungisa, njll.).
- Ikhono lokuthekelisa/ukungenisa izilungiselelo zokuphepha.
- Vimbela amanye amasayithi ekuboniseni okuqukethwe kwakho ngozimele noma ama-iframe.
Imibuzo ebuzwa njalo
Isevisi ayitholakali okwamanje
Iphutha: Ukufinyelela ekhelini lakho le-IP kuvinjiwe ngenxa yezizathu zokuphepha.Sicela uthinte umlawuli wakho.
Uma umlayezo ongenhla othi "isevisi ayitholakali okwesikhashana" uvela lapho ungena kuwebhusayithi, kusho ukuthi ukufinyelela kwakho kwekheli le-IP kukhawulelwe.Sicela uzame ukuqamba kabusha i-plugin nge-FTP, ngemva kokwenza i-plugin ingasebenzi, kufanele ukwazi ukungena ngemvume. Uma i-FTP iqamba kabusha i-plugin, namanje ayikwazi ukungena ngemvume:
- Qiniseka ukuthi wonke amanye ama-plugin akho akhutshaziwe.
- Bese ufaka ikhophi entsha futhi unike amandla i-plugin, kodwa ungayifaki kabusha imithetho.
- Bese uqala ukunika amandla izici ezidingwa yisayithi lakho.
Ukuze uvimbele iwebhusayithi yakho ukuthi ingagetshengwa, qala ukufaka i-All In One WP Security & Firewall security plugin manje! Chofoza lapha Konke Ku-One WordPress Security kanye ne-Firewall Ikhasi lokulanda le-plugin
I-Hope Chen Weiliang Blog ( https://www.chenweiliang.com/ ) wabelane ngokuthi "Ukulungiselelwa kwe-plugin yokuvikela ukuphepha kwewebhusayithi ye-WordPress: Konke Ku-One WP Security & Firewall", okuwusizo kuwe.
Siyakwamukela ukwabelana ngesixhumanisi salesi sihloko:https://www.chenweiliang.com/cwl-607.html
Uyemukelwa esiteshini seTelegram sebhulogi ka-Chen Weiliang ukuze uthole izibuyekezo zakamuva!
📚 Lo mhlahlandlela uqukethe inani elikhulu, 🌟Leli ithuba eliyivelakancane, ungaphuthelwa! ⏰⌛💨
Yabelana futhi uthanda uma uthanda!
Ukwabelana kwakho nokuthanda kwakho kuyisisusa sethu esiqhubekayo!
Abantu abangu-5 baphawule ngokuthi "Ukulungiswa kwe-plug-in yokuvikela ukuphepha kwewebhusayithi ye-WordPress: Konke Ku-One WP Security & Firewall"
ulwazi olubalulekile.
Isihloko esihle kakhulu!
Kungani ngingakwazi ukungena ngemva kokunika amandla le plug-in nokwenza "Ukuphepha Kokungena Ngemvume Komsebenzisi"?
Kungase kube nezinkinga zeseva, noma izilungiselelo ze-plugin, ngakho le plugin ayisanconywa manje.
Eqinisweni, akhona amanye ama-plugin okuvikela angcono atholakalayo, afana nalokhu: Ukuphepha Kwetimu
Kufanele ngabe ukhuluma nge-iThemes Security, akunjalo?
I-iThemes Security vs All In One WP Security & Firewall, yikuphi okungcono?
Futhi, iyiphi i-plug-in yokuvikela engcono kakhulu esetshenziswayo njengamanje futhi eza nephekhi yolimi lwesiShayina? Ingabe ama-blogger angayincoma?Kuhle kakhulu!
Ukuqhathaniswa kwe-iThemes Security kanye Konke Ku-One WP Security & Firewall:
I-iThemes Security izoba lula ukuyisebenzisa futhi iza nephakethe lolimi lwesiShayina.