input from unwanted data
Why:
• validation is not enough when the range of acceptable input is pretty big
• malformed input can lead to a successful attack
Helper functions:
• `sanitize_` family (e.g. `sanitize_email()`)
• `esc_` family (e.g. `esc_html()`)
• `wp_kses`
• type casting
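The following is an added example, not code from the slides, showing the four helper families above used together: sanitize on the way in (settings save) and escape on the way out (settings render), each for the context the value lands in. The `wcath_` function names and the `wcath_contact_settings` option are hypothetical; the caller is assumed to pass `wp_unslash( $_POST )` as `$raw`.

```php
<?php
// Added example (not from the slides). Function and option names prefixed
// "wcath_" are hypothetical.

// Saving a settings form: sanitize every field before it is stored.
function wcath_save_contact_settings( array $raw ) {
    $clean = array(
        // sanitize_email() strips characters that are not valid in an address.
        'email'   => sanitize_email( $raw['email'] ?? '' ),
        // Type casting: a numeric option should never hold anything but digits.
        'retries' => absint( $raw['retries'] ?? 0 ),
        // wp_kses() keeps only the listed tags/attributes and drops everything else.
        'message' => wp_kses(
            $raw['message'] ?? '',
            array(
                'a'      => array( 'href' => array(), 'title' => array() ),
                'strong' => array(),
                'em'     => array(),
            )
        ),
        // esc_url_raw() is the storage-side counterpart of esc_url().
        'site'    => esc_url_raw( $raw['site'] ?? '' ),
    );
    update_option( 'wcath_contact_settings', $clean );
    return $clean;
}

// Rendering the settings: escape at the point of output, per context.
function wcath_render_contact_settings() {
    $opts = get_option( 'wcath_contact_settings', array() );

    // esc_attr() inside an HTML attribute.
    printf(
        '<input type="email" name="email" value="%s">',
        esc_attr( $opts['email'] ?? '' )
    );

    // Casting to int is an escape in itself for numeric output.
    printf( '<p>Retries: %d</p>', (int) ( $opts['retries'] ?? 0 ) );

    // The message was filtered with wp_kses() on save, but the stored value may
    // have been altered since (another plugin, direct database edit), so the
    // output path filters again rather than trusting the database.
    echo wp_kses_post( $opts['message'] ?? '' );

    // esc_url() for a URL placed in an href; esc_html() for element text.
    printf(
        '<a href="%s">%s</a>',
        esc_url( $opts['site'] ?? '' ),
        esc_html( $opts['site'] ?? '' )
    );
}
```

Each escape function matches the context it protects: `esc_attr()` for attribute values, `esc_html()` for element text, `esc_url()` for URLs. Using the wrong one (for example `esc_html()` inside an attribute) leaves some characters unescaped for that context.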
tags
• checks if the dashboard or the administration panel is attempting to be displayed
• Does NOT check current user capabilities
• Will return true for all requests to an admin page, regardless of whether the user has the rights to access it
• Will return true for requests to wp-admin/admin-ajax.php or wp-admin/admin-post.php etc.
• Use `current_user_can()` whenever you want to check for current user capabilities
Panagiotis Vagenas WordCamp Athens 2016 5
for unauthenticated users
• Do NOT use this function for actions that were intended for logged-in users
• Always implement strict security checks in functions called by this hook
• Be aware that authenticated users can also call this action using the `nopriv_` prefix
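Added example, not from the slides, covering the two preceding points: `is_admin()` is not an authorization check for AJAX handlers, and an action registered on `wp_ajax_nopriv_` must assume nothing about its caller. Names prefixed `wcath_` (handlers, nonce actions, the `wcath_delete_entry_by_id()` and `wcath_lookup_public_term()` helpers) are hypothetical.

```php
<?php
// Added example (not from the slides). "wcath_" names are hypothetical.

// WRONG: is_admin() is true for every request that reaches admin-ajax.php,
// including requests from visitors who are not logged in at all, so this
// gate rejects nothing.
function wcath_delete_entry_unsafe() {
    if ( ! is_admin() ) {
        wp_send_json_error( 'not allowed', 403 );
    }
    wcath_delete_entry_by_id( (int) ( $_POST['id'] ?? 0 ) );
    wp_send_json_success();
}

// RIGHT: check the nonce (request intent) and the capability (authorization)
// of the current user, then sanitize the input.
function wcath_delete_entry_handler() {
    // check_ajax_referer() dies with a -1 response when the nonce is invalid.
    check_ajax_referer( 'wcath_delete_entry', 'nonce' );
    if ( ! current_user_can( 'delete_others_posts' ) ) {
        wp_send_json_error( 'insufficient permissions', 403 );
    }
    $id = absint( $_POST['id'] ?? 0 );
    if ( 0 === $id ) {
        wp_send_json_error( 'invalid id', 400 );
    }
    wcath_delete_entry_by_id( $id );
    wp_send_json_success( array( 'deleted' => $id ) );
}
// Logged-in users only: register the wp_ajax_ hook and nothing else.
add_action( 'wp_ajax_wcath_delete_entry', 'wcath_delete_entry_handler' );

// A genuinely public action is registered on both hooks. The handler must do
// only what an anonymous visitor is meant to do: any client can reach the
// nopriv_ variant by simply not sending login cookies, so the handler cannot
// rely on anything about who the caller is.
function wcath_public_lookup_handler() {
    check_ajax_referer( 'wcath_public_lookup', 'nonce' );
    $term = sanitize_text_field( wp_unslash( $_POST['term'] ?? '' ) );
    if ( '' === $term ) {
        wp_send_json_error( 'empty term', 400 );
    }
    // Read-only, public data; no privileged side effects here.
    wp_send_json_success( wcath_lookup_public_term( $term ) );
}
add_action( 'wp_ajax_wcath_public_lookup', 'wcath_public_lookup_handler' );
add_action( 'wp_ajax_nopriv_wcath_public_lookup', 'wcath_public_lookup_handler' );
```

The deciding question for each handler is whether it should run for a caller that has no login cookies at all; if the answer is no, the `wp_ajax_nopriv_` registration is omitted and the capability check inside the handler still stays, because `wp_ajax_` only proves that some account is logged in, not which rights it has.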
hook when a user accesses the admin area
• requests to wp-admin/admin-post.php
• AJAX requests as long as an action is specified
• Requests to wp-admin/admin.php as long as the user is authenticated
• `init` action is called in both backend and frontend
• Do NOT use these hooks without implementing security checks
access control system
• Each role has a predefined set of capabilities
• WordPress provides an API for both role-based and capability-based checks
• Study the authentication and authorization system, learn the roles and capabilities
• Always implement access controls when performing a user requested action
• Use the principle of least privilege
• Use a single endpoint, if possible
• Always protect endpoints
help protect specific actions from certain types of misuse, malicious or otherwise
• They have a limited TTL
• Given a specific action and user, the nonce stays the same during that period of time
• Always use nonces
• Never use the same nonce action for two distinct actions
• Do NOT use nonces for authorizing access
• Make nonces available ONLY in the page they are required
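Added example, not from the slides, that ties together the three preceding slides (the `admin_post_` hook, capability checks, and nonces): one settings form submitted to `wp-admin/admin-post.php`, with the nonce printed only on that page and bound to a single action, a capability check that is separate from the nonce check, and sanitized input. The `wcath_` names and the `wcath_banner_text` option are hypothetical.

```php
<?php
// Added example (not from the slides). "wcath_" names are hypothetical.

// 1. The form. The nonce is emitted only on this admin page and only for the
//    'wcath_save_settings' action; no other action shares that nonce name.
function wcath_render_settings_form() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'You are not allowed to view this page.', 'wcath' ) );
    }
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    echo '<input type="hidden" name="action" value="wcath_save_settings">';
    wp_nonce_field( 'wcath_save_settings', 'wcath_nonce' );
    echo '<input type="text" name="banner_text" value="'
        . esc_attr( get_option( 'wcath_banner_text', '' ) ) . '">';
    submit_button( 'Save' );
    echo '</form>';
}

// 2. The single handler, reached through admin_post_{action}.
function wcath_save_settings_handler() {
    // Nonce first: proves the request came from the form above within the
    // nonce lifetime. check_admin_referer() calls wp_die() on failure.
    check_admin_referer( 'wcath_save_settings', 'wcath_nonce' );

    // A valid nonce proves intent, not permission: authorization is a separate
    // check, and the capability is the narrowest one the action needs.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die(
            esc_html__( 'Insufficient permissions.', 'wcath' ),
            '',
            array( 'response' => 403 )
        );
    }

    // Sanitize before storing; the value is escaped again when rendered.
    $text = sanitize_text_field( wp_unslash( $_POST['banner_text'] ?? '' ) );
    update_option( 'wcath_banner_text', $text );

    // Send the browser back to the settings page; wp_safe_redirect() refuses
    // off-site targets, and wp_get_referer() may be false, so fall back to admin_url().
    $back = wp_get_referer() ? wp_get_referer() : admin_url();
    wp_safe_redirect( add_query_arg( 'updated', '1', $back ) );
    exit;
}
add_action( 'admin_post_wcath_save_settings', 'wcath_save_settings_handler' );
// No admin_post_nopriv_ registration: requests without a login get no handler.
```

The order inside the handler is deliberate: the nonce check rejects forged or replayed requests before any work is done, the capability check decides whether this particular user may perform the action, and only then is input touched. Dropping either check leaves a gap the other does not cover, since a logged-in low-privilege user can obtain a valid nonce for pages they can see, and an administrator can be tricked into submitting a request without one.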
Actually, never ever trust the user
• Make the UI as simple as possible
• Document, especially options
• Try to avoid options that could have a critical security impact
• If you have to include such settings, make as clear as possible what impact each option can have on the website's security
• Validate, sanitize & escape all input & output, even if it is something only admins can set or see