Connect with us

SECURITY

How to Protect a WordPress Site from Hackers

Published

on

How to Protect a WordPress Site from Hackers

WordPress is a frequent target for hacking. Hackers are targeting the theme, the core WordPress files, plugins, and even the login page.

These are the steps to take to make it less likely to be hacked and to be able to recover easier if it should still happen.

How Hackers Attack WordPress

All sites on the web are under constant attack – whether it’s a phpBB forum or a WordPress site – all sites are being probed by hackers. It’s not unusual for a hacker to scan thousands of pages or try to login in hundreds of times a day.

And that’s just one hacker. Sites are under attack by several hackers at the same time.

Typically it’s not a person who is trying to hack you. Hackers employ automated software to crawl the web to probe for specific weaknesses in the website.

These automated software programs crawling the web are called bots. I call them hacker bots in order to distinguish them from scraper bots (software that is trying to copy content).

Secure Your WordPress Site With a Firewall

A firewall is a software program that blocks an intruder. In my opinion, the best WordPress firewall is a plugin called Wordfence.

What Wordfence does is to check if a website visitor’s behavior matches that of an abusive bot. If the bot breaks certain rules, like asking for too many web pages in a short amount of time, Wordfence will then automatically block the bot.

Wordfence is also programmed to allow legitimate bots like Google and Bing on the site.

There are advanced features that let a publisher see what bots are attacking a site and to view where the bot is coming from, like if it’s a bad bot coming from Amazon Web Services or Bluehost for example. Wordfence provides the publisher the ability to block the bot by their IP address, the entire IP address range, or even by a fake browser user agent that the bot is using.

About User Agents (UA)

A user agent is identifying information that a browser sends that tells a website what browser it is (Chrome, Firefox, Vivaldi), and what operating system it is operating on (Windows 10, Mac OS X).

For example, this is a user agent string for a Safari 11 browser on a Mac OS X computer:

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1.2 Safari/605.1.15

Bots use a lot of different user agents in order to fool websites and sneak in. For example, some bots pretend to be a browser on Windows XP.

The actual amount of real users on Win XP are close to zero, I can create a rule with Wordfence to block all user agents with Windows XP as the operating system and with that one rule, I can block thousands of bad bots, regardless of what country they are coming from or IP address.

The bad bots will sometimes respond by changing to another user agent, so by combining these rules, a publisher stands a chance of blocking a wide range of bad hacker bots.

And that’s with the free version of Wordfence.

The paid version can block entire countries. So if you don’t have legitimate site visitors from certain countries, you can block every visitor that’s coming from those countries.

WordPress Defense Against Exploits

Additionally, the paid version of Wordfence will protect you in advance from many compromised themes and plugins before those plugins are fixed.

Once Wordfence researchers are aware of an exploit they will update the premium version of the firewall to provide subscribers with protection from those exploits, sometimes weeks before the exploit is fixed by the compromised theme or plugin developer.

Website Security Hardening

Another free plugin that provides an additional layer of protection is called Sucuri Security. Sucuri (owned by GoDaddy) helps harden the WordPress security to block bad bots from taking advantage of certain kinds of attacks. It also has a malware scanning feature that checks all files to see if they’ve been altered.

Sucuri will alert you every time someone logs into your site, helping publishers to identify if a hacker is logging in. Sucuri can also alert a publisher if a file was changed, something that hackers do.

These are the features of the free version of Sucuri:

  • Security Activity Auditing.
  • File Integrity Monitoring.
  • Remote Malware Scanning.
  • Blacklist Monitoring.
  • Effective Security Hardening.
  • Post-Hack Security Actions.
  • Security Notifications.

The paid version of Sucuri includes a website firewall.

Limit Logins to Your Site

WordFence is able to block bots that are repeatedly filling in user names and passwords on the WordPress login page.

But if you want to focus on limiting those logins, there is a plugin called, Limit Login Attempts Reloaded that allows publishers to automatically block all hackers who enter a set number of failed name and password combinations.

For example, you can set it to block hackers after three attempts to guess the password.

These are the features of the login blocker:

  • Limit the number of retry attempts when logging in (per each IP). This is fully customizable.
  • Informs the user about the remaining retries or lockout time on the login page.
  • Optional logging and optional email notification.
  • It is possible to whitelist/blacklist IPs and Usernames.
  • Sucuri Website Firewall compatibility.
  • XMLRPC gateway protection.
  • Woocommerce login page protection.
  • Multi-site compatibility with extra MU settings.
  • GDPR compliant. With this feature turned on, all logged IPs get obfuscated (md5-hashed).
  • Custom IP origins support (Cloudflare, Sucuri, etc.)

The Limit Login Reloaded plugin provides a fast way to shut down hack bots that are trying to guess a password.

Backup Your WordPress Site

It is important to automatically create a daily backup of your website. Any catastrophic event that takes the site down can be recovered with a backup.

There are many backup solutions but the one that I have found to be immensely useful is called UpdraftPlus WordPress Backup Plugin. UpdraftPlus is trusted by over two million users, it’s a well-regarded choice.

It can be configured to email the backups every day or send them to a cloud storage location like Dropbox.

I once accidentally removed all the theme layout files from a site, completely removed the look of the site. But I was able to restore the site to exactly how it was before by using an UpdraftPlus backup. It was easy to do and I was so thankful.

Update All Themes and Plugins

It’s important to always update all themes and plugins. WordPress provides a way to update all plugins automatically, which is convenient for publishers or businesses who don’t log in and do updates often.

By enabling the auto-update feature a publisher can be assured of having the most up-to-date software. Having an out-of-date plugin is one of the leading causes of being hacked.

How to Protect a WordPress Site from Hackers

There are reasons not to enable the auto-update feature, but the negatives tend to happen rarely. For example, an updated plugin might be incompatible with other plugins.

But for sites that don’t change frequently, the auto-update feature is probably a good thing to enable.

Beware of Abandoned Plugins

A final warning about abandoned plugins. Some plugins can continue to work years after they’ve been abandoned by their developer. What can happen is that these old plugins may contain a vulnerability. But because they are abandoned, they will never get fixed.

Another issue is that hackers sometimes buy old plugins and update them with malware and viruses.

Check all your WordPress plugins to make sure that they have not been abandoned and appear to be updated on a fairly frequent basis.

Protect Your WordPress Site from Hackers

For many sites, simply taking these small steps to secure a website is enough to keep the sites from getting hacked. The free versions of these plugins provide an extraordinary amount of protection and the premium versions give even more protection.

There are many security-type plugins and some of those have actually contained vulnerabilities themselves. Wordfence and Sucuri are in my opinion top choices for WordPress security.

Citations

WordFence Security

Sucuri Security

Limit Login Attempts Reloaded

UpdraftPlus


Image Credits: Paulo Bobita

Searchenginejournal.com

SECURITY

Database Security Best Practices: The Essential Guide

Published

on

database-security-best-practices:-the-essential-guide

In 2021, an F-35 fighter jet is more likely to be taken out by a cyberattack than a missile. In the digital age, the threat of an attack is everywhere and constantly growing. If your company or agency fails to adhere to database security best practices, you risk a lot. Items at risk include your valuable data, public trust and your brand’s good name.

Forbes reports that 78% of companies lack confidence in their current security posture, pointing out that cyber crime surged during 2020.

Read on as we explore the benefits of database security. What network security best practices can you use to safeguard against threats? In the end, you’ll have the blueprint to keep your data safe and your users and customers happy.

What Is Database Security?

Database security is an information security methodology that includes tools, controls and processes. It is used to uphold the confidentiality, integrity and availability of database management systems by protecting them against unauthorized access, illegitimate use and malicious cyberattacks.

This means it helps protect several critical assets:

  • The database management system
  • The data in the database
  • Any related applications or integrations
  • The database servers (both physical and virtual)
  • The hardware
  • The computing and network infrastructure people use to access the database.

When a database is easier to access and use, it is more at risk from threats. As security teams increase protection measures, the database becomes more resistant to threats. The caveat is it also becomes more difficult to access and use.

However, despite the potential friction in the user experience, organizations have little choice but to err on the side of caution now. Data breaches are a regular occurrence in recent years, as bad actors and high-tech cyberattacks are prevalent.

The Benefits of Database Security

There was a 430% growth in next-gen cyber attacks in 2020. As technologies advance, cybercriminals experiment with new strategies to attack and breach networks. And so, security teams must remain vigilant to fend off damaging attacks.

Here are four reasons to maintain a proactive approach to database security in 2021 and beyond:

Data Protection Is Asset Protection

A database breach is no small event. Whether it’s an insider threat or a threat actor that gains access to your network, threat actors can quickly wreak havoc in a database.

A surge of ransomware attacks in 2020 hit the education and health care sectors hard, with some targets facing ransoms of up to $40 million. Another problem is the threat of direct denial-of-service attacks. This is a worry for retail companies riding the waves of a resurgent e-commerce industry.

When you invest more resources in devising more robust database security, you can prevent breaches and reduce the chances of attacks like viruses, ransomware and firewall intrusion.

Reducing Human Error Improves Data Security

According to a Varonis report, 95% of cybersecurity breaches are the result of human error. Today, 30,000 websites are breached every day. Companies have enough worries without someone on their own team leaving the back door open.

Thankfully, database security and automation go hand-in-hand. Machine learning technology and automated detection help you detect and identify vulnerabilities and security threats in real-time. With quicker insights and more accurate monitoring and analysis, there is less chance of false positives and more chance that you can react in time to prevent genuine cyberattacks.

As you use automation with database security, you can free up your team to focus on other tasks and get protection around the clock. You can also use intelligent automation to manage security patches, which further reduces human error and saves time and costs.

Strengthen Customer Relationships

Data privacy is much more than a box-ticking exercise to keep the regulatory bodies happy. Consumers are cautious about what they share online and who they share it with. That makes database security vital for building trust with your target market.

Deloitte says 73% of consumers are more open to sharing details if they feel an organization is transparent about how they will use the data. So, address people’s concerns around privacy. Be clear about how you intend to use data to improve the user experience. That way, you can build stronger connections with your customers.

Protect Your Brand’s Name With Data Security

It may be a data-driven age, but the customer is still king. If you lose the trust of your customers, it’s hard to get it back. SecureLink reports 87% of consumers will never do business with a company again after being hit with a data breach. Just as trust can foster customer loyalty, the loss of trust can send them running to your rivals.

People want to know that what they share will remain protected and private. If they have any doubts on this front, you may struggle to attract customers or scale your business. Once people see an organization in a bad light where data privacy is considered, it’s almost impossible to recover.

10 Essential Database Security Best Practices

It’s clear why database security matters in 2021. But how can you improve your security posture to become more cyber resilient?

Here are 10 database security best practices you can start using. The sooner you put these in play, the more prepared you will be.

Keep Your Database Servers Separate

Do you keep your data and website on the same server? If so, you run the risk of losing everything in one swoop. For example, an attacker could compromise your e-commerce store website and then move sideways in the network to access your database.

Avoid this pitfall by keeping your database servers isolated. Not only should it be on a separate physical machine, but it should not be connected to any other server or application.

Add an HTTPS Proxy Server

A proxy server is a specific application that evaluates and routes HTTP requests from workstations to the database server. You can think of it as the gatekeeper that prevents unauthorized access.

With the rise in online business, e-commerce and information sharing, proxy servers are a vital tenet of database security. Add this feature to your security infrastructure to encrypt all data and offer users more peace of mind when sharing sensitive information like their passwords or payment details.

One Firewall Isn’t Enough for Good Data Protection

A firewall denies traffic by default, offering a robust first layer in your database security framework. You can protect your database with a firewall, but it won’t stop SQL injection attacks. These attacks may come from a permitted web application, enabling the perpetrator to sneak in or delete data in your database.

Therefore, you’ll need to add more than one type of firewall. Most of the time, these three will cover your network:

  • Packet filter firewall
  • Stateful packet inspection
  • Proxy server firewall.

Just remember to configure them correctly and keep them updated.

Update all Software and Applications Often

Most (95%) websites use outdated software products. Whether it’s a WordPress plugin or legacy software, too many businesses leave their networks exposed to attacks with dated software.

Make a habit of updating all plugins, widgets and third-party apps on your site and network. Also, avoid using any software that the developer doesn’t update often.

Be Proactive With Real-Time Database Monitoring

Database security is all about remaining vigilant. The more you monitor, the less you miss. With reliable real-time monitoring software, you can conduct the following security activities:

  • Monitor all operating systems login attempts
  • Periodic reviews of all logs to check for oddities
  • Create alerts to notify the security team of any potential threat or suspicious behavior
  • Devise escalation protocols to ensure your sensitive data remains safe in the event of an attack.

Create Backups and Use Data Encryption Protocols

No doubt you know about the importance of encrypting stored data. However, many people don’t realize how crucial it is to encrypt data when it’s on the move.

Make sure you create backups on a schedule and store these encrypted backups apart from the decryption keys. That way, even if your data falls into the wrong hands, the information will stay safe.

Keep a Close Eye on Ports (and Stop Using Default Ports)

Default network ports are somewhat of an Achilles’ heel in modern database security. Attackers will target these ports with brute force attacks, which use automation to try every combination of password and username to gain access. Data-stealing ransomware PonyFinal uses this method to breach networks.

Make sure all ports are closed unless using them for an active business case that you have documented, reviewed and approved. You should monitor all ports in your network and investigate any strange incidents or unexpected open ports right away. Lastly, stop using default ports. It’s not worth the risk.

Good User Authentication Is Good Data Security

Passwords offer a thin defense but aren’t enough on their own. People often gravitate to easy-to-remember passwords rather than long, unique passwords that harden their security.

You can tighten access by employing multi-factor authentication. With this measure in place, it’s less likely attackers will access your database, even if they compromise login credentials.

Don’t Overlook Physical Database Security Measures

While the world shifts to the cloud, physical servers are not without their merits. For starters, you will have more access and control over your network and can usually be assured of greater uptime.

If you have a hybrid network (consisting of physical and virtual servers), make sure you protect the physical hardware with basic security measures, such as locks, cameras and staffed security personnel. You can also monitor access to the servers and log all entrances.

Try Attacking Yourself: Penetration Testing and Red Teaming

When you have your cybersecurity framework and protocols in place, and your team adheres to database security best practices, it’s time to put them to the test.

Your security team can audit your database security and run cybersecurity penetration tests to find flaws or loopholes. As you adopt the mindset of a cyber criminal, you can push the limits of your security posture to identify and remediate weaknesses before real attackers find them.

Database Security Best Practices

As the nature of cyberattacks evolves, the challenge of keeping threats at bay gets more complicated. What kept your data and network safe last year may not work next year.

Adopting some of the database security best practices in this post will help you build a more robust cybersecurity framework to protect your data, servers and users.

Ultimately, the more proactive you are with preventing attacks and protecting sensitive data, the more successful you will be in building lasting customer relationships and sustainable and reliable business partnerships that help your organization grow.

Continue Reading

GOOGLE

Google Issues Warning For 2 Billion Chrome Users

Published

on

Main Article Image - Google Chrome

Chrome’s 2.6 Billion users need to be alert again (for the 2nd time in a week), as Google has confirmed multiple high-level hacks to the browser.

Just days after Chrome’s 12th (and 13th) ‘zero-day’ exploits this year were discovered, Google published a blog post that revealed four vulnerabilities. Users must take immediate action.

Google currently restricts information about hacks in order to make it easier for Chrome users to upgrade. This is a standard practice. We have only the following information:

  • High – CVE-2021-37977 : Use after free in Garbage Collection. Report by Anonymous, 2021-09-24
  • High CVE-2021-377978 : Blink buffer overflow. Reported by Yangkang, @dnpushme, of 360 ATA on 2021/08/04
  • High CVE-20237979 : WebRTC buffer overflow. Report by Marcin Towalski, Cisco Talos, on 2021-09/07.
  • High – – Inappropriate Implementation in Sandbox. Reported by Yonghwi Jin, @jinmo123, on 2021-09-30

These descriptions don’t offer much insight, but it’s interesting to see Chrome continue to be attacked with ‘Use After-Free’ ( UAF). In September, the browser was subject to double-digit UAF attacks. This month, hackers exploited a zero day UAF flaw in chrome.

It was less surprising to see a pair Heap buffer overload exploits listed. This is a memory vulnerability, also known as Heap Smashing. However, it is not a common avenue for Chrome hackers in recent months. The heap contains program data and is dynamically allocated. Critical data structures may be overwritten by an overflow making it a prime target for attackers.

Google responded by releasing a critical update. Google warns Chrome users that rollouts will be delayed so that not all will be protected immediately. To verify if you are safe, go to Settings >Help > About Google Chrome. You are safe if your Chrome version is at least 94.0.4606.81. You can still update your browser if the update is not available.

Remember the last step after you have updated Chrome: Chrome cannot be restarted until it is safe again. This makes it a two-way operation. Google can speed track fixes to Chrome hacks but users will not be protected if they do not restart their browsers after updating. Hackers count on this false sense of security. Go check your browser now.

First seen at: Forbes

Continue Reading

SECURITY

Top 5 benefits to make cloud storage a business priority

Published

on

Top 5 benefits to make cloud storage a business priority

Organizations have been slowly migrating their data to the cloud for the past decade. The primary reason is to improve business performance, reduce infrastructure costs, and promote mobile & distributed workforces. The inception of the pandemic has given a boost to this trend, followed by organizations for a while now.

In 2020, cloud storage started becoming a necessity post-transition to remote work, where employees needed access to files to manage the business documents remotely. Hence, leading organizations to better collaborate.

A report suggests that more than half of the corporate data now resides in cloud storage. A prediction made by Fortune Business Insights indicate that the market share of cloud storage will continue to grow and reach $400 billion by 2028. It is almost six times the market share in 2020.

The storage cost incurred in physical storage compels many organizations to switch to cloud storage. It considerably reduces the investment and management burden that comes on organizations.

However, under certain circumstances, the cost of cloud storage may level up with physical storage. But the time consumed while increasing the storage space in case of physical storage and the fees incurred while retrieving the lost data in physical storage is far more burdensome than cloud storage. Hence, cloud storage has undeniable benefits while organizations are operating in a distributed environment.

Top 5 benefits of using cloud storage 

●     Accessing files – We have been working remotely almost for the past two years. Before the pandemic, several companies like Liqvd Asia had declared work from home policy for their employees. 

In such a mobile and distributed workforce environment, remote accessing files and resources has become vital. Whether you are working from home, business headquarters, or remote locations, accessing files has become easy and quick, having cloud storage in place.

●     Easy collaboration – Suppose you are working from home and your colleague is working from some remote location. In such a scenario, a centralized system ensures synchronization across all the access points.

In simple terms, if multiple workers are accessing & making edits in the files, cloud storage ensures sync and simultaneously incorporates every improvement. Thus, the goal of easy collaboration is achieved. 

●      Additional cost & time – If a business wishes to add on-premise storage, they need to invest time and money in the complicated process of buying, installing, and maintaining additional hardware.  

On the other hand, elastic cloud storage allocates unlimited virtual storage space almost immediately. Thus, ensuring a considerable reduction in the cost incurred while adding on-premise storage and time consumed in installing it.

●     Protection of the data – Cloud storage adopts the industry-wide accepted ‘3-2-1’ data protection policy. In this approach, 3 copies of your data are stored at 2 different media locations, with 1 copy stored off-site for disaster recovery. Thus, keeping your data safe.

●  Business resilience – With the increased risk of ransomware, it is critical restoring your data in case of any attacks. Cloud storage has the potential to restore your operations in a shorter period in case of any incidents where your original data is compromised. You can redirect users to the cloud sources in many instances, reducing the downtime from hours to minutes.

Although the inception of the Covid-19 pandemic had put a lot of pressure on the organizations, the critical nature of cloud storage had kept the stress of collaboration remotely at bay. Cloud storage not only ensured business resilience but also improved the productivity of employees working at remote locations. We can say this is the start of the new era of cloud computing.

Continue Reading

Trending

en_USEnglish