You are here: Home / How To / Top 10 WordPress Security Error

Top 10 WordPress Security Error

January 10, 2017 By

Top 10 WordPress Security Error

A short video on the fundamentals of Linux Security. We are going to base of web-hosting of Security: the most common Configuration and security Flaws (by a System Administrator of a point of View in the Pages of WordPress.

These Safety Tips are valid for Joomla, Magento and other content management Systems as well. I’m going to show You how to fix the glaring Problems, which prevent a large Part of the Security Compromise, I see it every day.

# Core Of The Application
incorrect File /Directory Permissions
-777 — should be 775 for Directories, 644 for Files, except in SPECIAL Cases

http://stackoverflow.com/questions/3740152/how-to-set-chmod-for-a-folder-and-all-of-its-subfolders-and-files-in-linux-ubunt

http://serverfault.com/questions/357108/what-permissions-should-my-website-files-folders-have-on-a-linux-webserver

run the Pages as a root
-dave:www-data instead of Group (web server) has read the OWNER IS the ONLY one WHO CAN WRITE

shared PHP/User between the Sites
-most hosting Companies use shared hosting
-if You have a web Site, or 23 Pages, They are all run under A user and A PHP Process.
-an infected Site means that everything is in Danger, since the Site allows users to write to other Sites (and therefore cross-infection)

for web Users, a shell (instead of /bin/false)
-grep www /etc/passwd — /sbin/nologin well, /bin/bash == BAAAD

ssh with passwd login root enabled
-no root to iNet.
-no Password-based logins. Period of time.

low FTP/hosting/DNS passwords
the hosting Companies, put FTP scary

# Administration
People don’t update Your CMS Installations and plugins
People run huge Amounts of plugins

# 3rd-party
poorly constructed plugins/themes/, etc
sensitive ‘clean’ code-Upload with no Authentication, etc
malicious advertisements

#########################
Complte Linux-Sysadmin Basics Playlist: https://www.youtube.com/playlist?list=PLtK75qxsQaMLZSo7KL-PmiRarU7hrpnwK

Check out my Project based on Linux-System-Administration-Courses-Free-trial-videos): https://www.udemy.com/hands-on-linux-self-hosted-wordpress-for-linux-beginners/?couponCode=tl35

Patreon: https://www.patreon.com/tutorialinux
Official website: https://tutorialinux.com/
Twitter: https://twitter.com/tutorialinux
Facebook: https://www.facebook.com/tutorialinux