Andrew Behla

Transcript

1. You’ve BeenHacked Now What? How to Restore your WordPress Site

   and Prevent Your Site from Being Attacked
2. None

3. A Whole Lotta Hacking Going On!

4. None
5. None
6. None

7. Why DoHackers Do It? •Deface your site •Inject spam into

   your site •Run email scripts •Break your site •Infect computers •Because it’s fun!

8. What Do I Do Now? •Check your index.php file •Change

   all WordPress user passwords •Change your FTP passwords •Change your cPanel or hosting passwords •Run Security Scans •Check Permissions

9. Secure Passwords! • heRN~aim25 • WAEs37tOEd; • eff89PhASE? • BIRLs16fIX;

   • eDUcT15CoSh# • LiveS?obEse51 • strongpasswordgenerator.com

10. Find Your Blindspots •Latest Version of WP •Vulnerable Theme •Open

    Permissions (777) •Insecure Password •Outdated timthumb.php

11. Plugins to Help! •Theme Authenticity Checker •Sucuri Plugin also Sucuri.net

    •Exploit Scanner •Website Defender

12. Restore Your Site •Check if hosting has backup and can

    restore •Backup might be corrupt! •Restore from your backup •Reinstall Wordpress •Copy WP Content folder

13. Future Prevention •Update Plugins •Update Wordpress •Update Themes •Install Security

    Plugins •Set Permissions 755 (folder) 644 (files) •Get More Secure Hosting

14. Plugins to Help! •Simple Login Lockdown •Better WordPress Security •WordFence

    •Bullet Proof Security •Secure WordPress

15. Secure Hosting •WPEngine.com •ZippyKid.com •Page.ly •Firehost.com •RockPress.me •SiteGround.com

16. Do it Yourself! •Security Plugins •Best Practices •Cloudflare.com Service

17. •www.behladesign.com •twitter @behladesign •818-340-6088