Thanks to Andrea Fabrizi for the awesome DropboxUploader script No to mention, the wonderful folks at stackoverflow that helped tremendously as well. The following 3 folks, were greatly influential in the writing of the script, listed in no particular order. The write-up below describes code the first production release, linked here, even though I’ve since updated the scripts to include some modifications, and as we speak I’m just about the release version 1.2. The full script is available on github here, and the usage instructions will be maintained there. It took me quite a while to write this (partly because I have no experience with Bash scripts), but I thought it would be good to walkthrough the details of the script and what it does. Today, I’ll walk through a short bash script I wrote to backup (and restore) a WordPress installation from scratch.
The last thing you want is to lose your precious design and data, because some one installed a shitty plugin over the weekend. That way, a compromised site can be rebuilt, even if it were defaced. No security is perfect, and you should look into backups–backup often and to a separate location.
Have the permissions of the underlying folders set accordingly (i.e.CHMOD them all)īut even if you took all precautions to hardened your site, there’s always a possibility of it getting hacked. Employ strong passwords for the admin & user. Use themes only from reputable publishers–and have only one theme in the install directory. Use plugins only from reputable publishers. So if you have a WordPress site (like me), chances are you’re in the cross-hairs of hackers already, and securing your site is the responsible thing to do. If the hack works they’d get free username and passwords, and if they were ever caught, most evidence would point to the unsuspecting WordPress site owner. They’d first hack into a seemingly random WordPress website, host their phishing content there, and then blast out emails to unsuspecting victims with links to pointing back to their hacked bounty. Two years ago, when I studied the details of phishing attacks that targeted Maybank and RHB, I found that attackers use compromised WordPress sites to host their phishing content. On the one hand, it’s great that WordPress has empowered so many people to begin blogging without requiring the ‘hard’ technical skills, on the other it just gives criminals a large number of potential victims. WordPress sites get hacked all the time, because the typical WordPress blogger install 100’s of shitty plugins and rarely updates their site.
0 kommentar(er)
