Momwe Mungayang'anire, Chotsani, ndi Kuteteza Malware ku WordPress Yanu

yaumbanda

Sabata ino inali yotanganidwa kwambiri. Chimodzi mwazinthu zopanda phindu zomwe ndikudziwa zidapezeka kuti ali pamavuto - tsamba lawo la WordPress linali ndi kachilombo koyipa. Tsambalo lidabedwa ndipo zolemba zidalembedwa kwa alendo omwe adachita zinthu ziwiri zosiyana:

  1. Adayesera kupatsira Microsoft Windows ndi pulogalamu yaumbanda.
  2. Anatumizanso ogwiritsa ntchito patsamba lomwe amagwiritsa ntchito JavaScript kuti agwiritse ntchito PC ya alendo cryptocurrency.

Ndidazindikira kuti tsambalo lidabedwa nditayendera nditadutsa nkhani zawo zaposachedwa ndipo ndidawadziwitsa nthawi yomweyo zomwe zikuchitika. Tsoka ilo, zinali zankhanza kwambiri zomwe ndinatha kuzichotsa koma nthawi yomweyo ndinayambitsanso tsambalo ndikakhala moyo. Ichi ndi chizolowezi chofala cha osokoneza mapulogalamu aumbanda - samangobera tsambalo, amathanso kuwonjezera wogwiritsa ntchito webusayiti kapena kusintha fayilo yayikulu ya WordPress yomwe imabweretsanso kuthyolako ikachotsedwa.

Mapulogalamu aumbanda ndi nkhani yomwe ikupitilira intaneti. Pulogalamu yaumbanda imagwiritsidwa ntchito kukulitsa mitengo yotsatsa (zotsatsa malonda), kuyika ziwerengero zamasamba kuti muwonjezere otsatsa, kuyesa kupeza mwayi wazachuma komanso zidziwitso za alendo, ndipo posachedwapa - kuti mupange ndalama zanga. Anthu ogwira ntchito m'migodi amalipidwa bwino chifukwa cha zidziwitso za migodi koma mtengo wopangira makina amigodi ndikulipira ngongole zamagetsi ndizofunikira. Pogwiritsira ntchito makompyuta mobisa, ogwira ntchito m'migodi amatha kupanga ndalama popanda kuwononga ndalama.

WordPress ndi nsanja zina zofala ndizofunikira zazikulu za osokoneza chifukwa ndiwo maziko amalo ambiri pa intaneti. Kuphatikiza apo, WordPress ili ndi mutu ndi zomangamanga zomwe siziteteza mafayilo apakati pamabowo achitetezo. Kuphatikiza apo, gulu la WordPress ndilofunika kwambiri pozindikira komanso kutchera mabowo achitetezo - koma eni masamba sakhala tcheru posunga tsamba lawo posinthidwa ndimitundu yatsopano.

Tsambali lidasungidwa malinga ndi chikhalidwe cha GoDaddy (osati Kusungidwa kokhala ndi WordPress), yomwe imapereka chitetezo cha zero. Zachidziwikire, amapereka Chojambulira pulogalamu yaumbanda ndikuchotsa service, komabe. Makampani omwe amayang'anira WordPress monga Flywheel, WP Engine, LiquidWeb, GoDaddy, ndi Pantheon zonse zimapereka zosintha zokha kuti masamba anu azikhala achikale pomwe nkhani zathu ndizodziwika. Ambiri ali ndi pulogalamu yaumbanda yojambulidwa ndi mindandanda yakuda ndi mapulagini kuthandiza eni masamba kupewa kubera. Makampani ena amapitanso patsogolo - Kinsta - wokhala ndi maudindo akuluakulu a WordPress - ngakhale amapereka chitetezo chachitetezo.

Kodi Tsamba Lanu Lalembedwa Kuti Lipeze Malware:

Pali masamba ambiri pa intaneti omwe amalimbikitsa "kuwunika" tsamba lanu ngati muli ndi pulogalamu yaumbanda, koma kumbukirani kuti ambiri sakuyang'ana tsamba lanu pompopompo. Kusanthula pulogalamu yaumbanda pompopompo kumafunikira chida chokwera chachitatu chomwe sichingathe kupereka zotsatira nthawi yomweyo. Masamba omwe amapereka cheke nthawi yomweyo ndi masamba omwe adapeza kuti tsamba lanu lili ndi pulogalamu yaumbanda. Zina mwamawebusayiti omwe amapezeka pa intaneti ndi awa:

  • Lipoti la Google Transparency - ngati tsamba lanu lalembetsedwa ndi oyang'anira masamba awebusayiti, nthawi yomweyo amakuchenjezani pamene akukwawa tsamba lanu ndikupeza pulogalamu yaumbanda pamenepo.
  • Webusaiti Yotetezeka ya Norton - Norton imagwiritsanso ntchito mapulagini osakatula ndi mapulogalamu a pulogalamu yomwe ingalepheretse ogwiritsa ntchito kutsegula tsamba lanu madzulo ngati adalemba. Eni webusayiti amatha kulembetsa tsambalo ndikupempha kuti tsamba lawo liunikidwenso likakhala loyera.
  • Sucuri - Sucuri ali ndi mndandanda wamawebusayiti komanso lipoti loti adasankhidwa. Ngati tsamba lanu litsukidwa, muwona Limbikitsani Kukonzanso ulalo pansi pamndandanda (zazing'ono kwambiri). Sucuri ili ndi pulogalamu yowonjezera yomwe imazindikira zovuta ... kenako ndikukulowetsani mumgwirizano wapachaka kuti muwachotse.
  • Yandex - ngati mufufuza Yandex pazomwe mumayang'ana ndikuwona "Malinga ndi Yandex, tsamba ili likhoza kukhala lowopsa ", mutha kulembetsa oyang'anira masamba a Yandex, kuwonjezera tsamba lanu, kuyenda ku Chitetezo ndi Zophwanya, ndipo pemphani kuti tsamba lanu litsitsidwe.
  • Phishtank - Osewera ena adzaika zolemba zabodza patsamba lanu, zomwe zingapangitse kuti madambwe anu akhale omwe ali ndi mbiri yoipa. Ngati mungalembetse ulalo wathunthu wa tsamba laumbanda ku Phishtank, mutha kulembetsa ndi Phishtank ndikuvota ngati ilidi tsamba lochitira zachinyengo kapena ayi.

Pokhapokha tsamba lanu litalembetsedwa ndipo muli ndi akaunti yowunikira kwinakwake, mutha kupeza lipoti kuchokera kwa wogwiritsa ntchito imodzi mwazithandizozi. Osanyalanyaza chenjezo… pomwe mwina simukuwona vuto, malingaliro abodza samachitika kawirikawiri. Izi zitha kuchititsa kuti tsamba lanu lisandulizidwe kuchokera pazosaka ndi kutsekedwa pamasakatuli. Choyipa chachikulu, makasitomala anu omwe angakhalepo ndi makasitomala omwe adalipo angadabwe kuti ndi gulu liti lomwe akugwira nawo ntchito.

Kodi Mumayang'ana Bwanji Malware?

Makampani angapo pamwambapa amalankhula za momwe zimavutira kupeza pulogalamu yaumbanda koma sizovuta kwenikweni. Chovuta ndikudziwitsa momwe chidalowa patsamba lanu! Khodi yoyipa nthawi zambiri imapezeka mu:

  • yokonza - Musanachite chilichonse, lozani a tsamba lokonzanso ndi kumbuyo malo anu. Osagwiritsa ntchito WordPress 'kukonza kosasintha kapena pulogalamu yokonza monga momwe zingachititsire WordPress pa seva. Mukufuna kuwonetsetsa kuti palibe amene akuchita fayilo ya PHP patsamba lino. Mukadali pamenepo, yang'anani .htaccess fayizani pa seva yapaintaneti kuti muwonetsetse kuti ilibe nambala yoyipa yomwe ingatumize anthu ambiri.
  • Search mafayilo amalo anu kudzera pa SFTP kapena FTP ndikuzindikira mafayilo aposachedwa m'mapulagini, mitu, kapena mafayilo apakati a WordPress. Tsegulani mafayilowo ndikuyang'ana zosintha zilizonse zomwe zimawonjezera zolemba kapena malamulo a Base64 (omwe amabisala kubisa kwa script).
  • Yerekezerani mafayilo apakatikati a WordPress m'dongosolo lanu la mizu, chikwatu cha wp-admin, ndi wp-kuphatikiza zikwatu kuti muwone ngati pali mafayilo atsopano kapena mafayilo amitundu yosiyanasiyana. Sakanizani fayilo iliyonse. Ngakhale mutapeza ndikuchotsa kuthyolako, pitirizani kuyang'ana popeza ambiri obera amasiya kunyumba kuti akapatsenso tsambalo. Osangolembanso kapena kukhazikitsanso WordPress… obera nthawi zambiri amawonjezera zolembedwera mumndandanda wazotengera ndikuyitanitsa script njira ina yobweretsera kuthyolako. Zolemba zosavutikira kwambiri zaumbanda zimangoyika mafayilo amtundu wa womet or footer.php. Zolemba zovuta kwambiri zidzasintha fayilo iliyonse ya PHP pa seva ndi nambala ya jakisoni kuti mukhale ndi nthawi yovuta kuchichotsa.
  • Chotsani zolemba zotsatsa za ena omwe atha kukhala gwero. Ndakana kugwiritsa ntchito ma intaneti atsopano ndikawerenga kuti abedwa pa intaneti.
  • cheke  tebulo lanu lazomwe mungasunge pazosungidwa zomwe zili patsamba lanu. Mungathe kuchita izi mwa kufufuza mosavuta pogwiritsa ntchito PHPMyAdmin ndikusaka ma URL opempha kapena malemba.

Musanaike tsamba lanu kukhala lamoyo… ino ndi nthawi yoti muumitse tsamba lanu kuti mupewe kubayanso kapena kubera kwina:

Kodi Mumalepheretsa Bwanji Malo Anu Kuti Asakhadzulidwe ndi Malware Kuyika?

  • Tsimikizani aliyense wogwiritsa ntchito tsambali. Ma hackers nthawi zambiri amalowetsa zolemba zomwe zimawonjezera wogwiritsa ntchito. Chotsani maakaunti akale kapena osagwiritsidwa ntchito ndikupatsanso zomwe zili patsamba lanu kwa wogwiritsa ntchito kale. Ngati muli ndi wosuta wotchedwa boma, onjezani woyang'anira watsopano wokhala ndi malowedwe apadera ndikuchotsani akaunti ya admin yonse.
  • Bwezerani achinsinsi aliyense wogwiritsa. Masamba ambiri amabedwa chifukwa chosuta amagwiritsa ntchito mawu achinsinsi omwe amangoganiza kuti awukira, zomwe zimapangitsa munthu kulowa mu WordPress ndikuchita chilichonse chomwe angafune.
  • Khumba kutha kusintha mapulagini ndi mitu kudzera pa WordPress Admin. Kutha kusintha mafayilowa kumalola wowononga aliyense kuchita zomwezo ngati angawapeze. Pangani mafayilo apakatikati a WordPress kukhala osalembedweratu kuti zolembedwa sizingalembenso kachidindo koyambira. Zonse mwa Mmodzi ili ndi pulogalamu yowonjezera yabwino yomwe imapereka WordPress kuumitsa ndi tani yazinthu.
  • Mwadongosolo tsitsani ndikukhazikitsanso mitundu yatsopano yamapulagini omwe mukufuna ndi kuchotsa mapulagini ena onse. Chotsani kwathunthu mapulagini oyang'anira omwe amapatsa mwachindunji mafayilo am'masamba kapena nkhokwe, izi ndizowopsa.
  • Chotsani ndikusintha mafayilo onse mumndandanda wanu wamazenera kupatula chikwatu cha wp (kotero muzu, wp-kuphatikiza, wp-admin) ndikukhazikitsa kwatsopano kwa WordPress kutsitsidwa patsamba lawo.
  • Pitirizani tsamba lanu! Tsamba lomwe ndimagwira sabata ino linali ndi mtundu wakale wa WordPress wokhala ndi mabowo odziwika otetezedwa, ogwiritsa ntchito akale omwe sayenera kulowanso, mitu yakale, ndi mapulagini akale. Atha kukhala kuti aliyense mwa awa ndiomwe adatsegula kampaniyo kuti ibedwe. Ngati simungakwanitse kusunga tsamba lanu, onetsetsani kuti mwasunthira ku kampani yoyang'anira yomwe ingatero! Kugwiritsanso ntchito ndalama zochepa pakubweza kukadapulumutsa kampaniyi ku manyazi.

Mukakhulupirira kuti zonse zakonzedwa ndi kuumitsidwa, mutha kubwezera tsambalo ndi moyo pochotsa .htaccess kulozera. Ukangokhala moyo, yang'anani matenda omwewo omwe analipo kale. Nthawi zambiri ndimagwiritsa ntchito zida zowunikira msakatuli kuti ndiwone momwe tsamba likufunira. Ndimayang'ana pempho lililonse lapaintaneti kuti ndiwonetsetse kuti silili pulogalamu yaumbanda kapena yosamvetsetseka… ngati ndi choncho, yabwerera kumtunda ndikuyambiranso.

Muthanso kugwiritsa ntchito munthu wotsika mtengo wotsika mtengo ntchito yojambulira pulogalamu yaumbanda ngati Zitsulo zofufuzira mawebusayiti, yomwe idzawunika tsamba lanu tsiku ndi tsiku ndikudziwitsani ngati mwasankhidwa kapena ayi pamndandanda wazinthu zoyang'anira pulogalamu yaumbanda. Kumbukirani - tsamba lanu likakhala loyera, silidzachotsedwa pamndandanda wakuda. Muyenera kulumikizana ndi aliyense ndikupanga pempholi pamndandanda wathu pamwambapa.

Kubedwa chonchi sikusangalatsa. Makampani amalipira madola mazana angapo kuti achotse zoopsezazi. Ndinagwira ntchito osachepera maola 8 kuti ndithandizire kampaniyi kuyeretsa tsamba lawo.

Mukuganiza chiyani?

Tsambali likugwiritsa ntchito Akismet kuchepetsa spam. Phunzirani momwe deta yanu ikufotokozera.