WordPress 3 Ultimate Security: WordPress is for everyone and so is this brilliant book on making your site impenetrable to hackers. This jargon-lite guide covers everything from stopping content scrapers to understanding disaster recovery.

$54.99

4.6 (7 Ratings)

Paperback Jun 2011 408 pages 1st Edition

$54.99

Paperback Jun 2011 408 pages 1st Edition

What do you get with Print?

Instant access to your digital eBook copy whilst your Print order is Shipped

Paperback book shipped to your preferred address

Download this book in EPUB and PDF formats

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

View table of contents

Preview Book

WordPress 3 Ultimate Security

Chapter 2. Hack or Be Hacked

You probably took the hint by now that, put succinctly, your whole network from local power up to remote page query is one big bag of risk. What fun.

The question is: how to shore it up? You could simply trawl this tome, follow the links and, one would hope, end up with a tough nut of a site and with its wider network equally hardened. Then again, the copy-paste do this do that approach doesn't properly acquaint you with security's first friend, awareness. Hack or be hacked is designed to help here.

Chapter 1 was about theoretical awareness and, let's face it, we yawned a bit. Chapter 2 practises awareness as you take on a hacker's mindset and toolkit to gauge the risks, relative to your network, head-on:

Introduce the hacker's methodology ...
... reconnaissance, scanning, gain access, secure access, cover tracks
Carry out reconnaissance to uncover information leaks
Detour into a DNS 101 to make sense of port scanning
Take steps to secure domain names at the registrar...

Introducing the hacker's methodology

Of the many types of hacker introduced in Chapter 1, the most dangerous is the black hat, particularly when motivated by money or a grudge. We, therefore, should protect against this worst case scenario and, in the process, resist the more mundane attackers.

While a script kiddie is likely to get bored after a few failed SQL and directory traversal attacks, the black hat is a professional criminal and is armed with a five point plan:

Phase	Description
Reconnaissance	Gain target knowledge under the radar
Scanning	Find weaknesses by probing the target
Gain Access	Attack vulnerabilities to access network
Secure Access	Maintain access with a backdoor
Cover Tracks	Remain invisible by editing logs

Reconnaissance

This time-consuming phase gathers data about the target, such as a site's underlying technology, yet without making any direct web queries so as not to raise alarms. Instead, insight is gained on the quiet, for example by viewing Google-cached...

Key benefits

Know the risks, think like a hacker, use their toolkit, find problems first ‚Äì and kick attacks into touch
Lock down your entire network from the local PC and web connection to the server and WordPress itself
Find out how to back up and secure your content and, when it's scraped, know what to do to enforce your copyright
Understand disaster recovery and use the best-of-breed tools, code, modules, techniques, and plugins to insure against attacks
Learn fast with this easy-read, jargon-light book jam-packed with copy-paste solutions to suit all levels

Description

Most likely ‚Äì today ‚Äì some hacker tried to crack your WordPress site, its data and content ‚Äì maybe once but, with automated tools, very likely dozens or hundreds of times. There's no silver bullet but if you want to cut the odds of a successful attack from practically inevitable to practically zero, read this book. WordPress 3 Ultimate Security shows you how to hack your site before someone else does. You'll uncover its weaknesses before sealing them off, securing your content and your day-to-day local-to-remote editorial process. This is more than some "10 Tips ..." guide. It's ultimate protection ‚Äì because that's what you need. Survey your network, using the insight from this book to scan for and seal the holes before galvanizing the network with a rack of cool tools. Solid! The WordPress platform is only as safe as the weakest network link, administrator discipline, and your security knowledge. We'll cover the bases, underpinning your working process from any location, containing content, locking down the platform, your web files, the database, and the server. With that done, your ongoing security is infinitely more manageable. Covering deep-set security yet enjoyable to read, WordPress 3 Ultimate Security will multiply your understanding and fortify your site.

Who is this book for?

Just as WordPress is used by a broad spectrum of website owners, with varying degrees of security know-how, so WordPress 3 Ultimate Security is written to be understood by security novices and web professionals alike. From site and server owners and administrators to members of their contributing team, this essential A to Z reference takes a complex and, let's face it, frankly dull subject and makes it accessible, encouraging, and sometimes even fun. Even if you are a total newbie to security, you can transform an insecure site into an iron-clad fortress, safeguarding your site users, your content and, sooner or later, your stress level.

What you will learn

Hack or be hacked! Learn the mind-set, how attackers work, the methods they employ and how to use those to secure WordPress
Work safely from anywhere, using the latest antimalware tools on your PC and being secure even on infected shared machines
Understand the dangers of wireless connections, maximize your router s protection and know how to safely use public WiFi hotspots
Learn about and use the toughest internet protocols to connect to your server, site, and files with military-strength encryption
Find out how to hide your Dashboard and any other sensitive web files by using code, plugins, and Apache modules
Carry out dozens of WordPress security tasks using either plugins or code and utilizing either a control panel or terminal
Keep tabs on content, find out who is using it, and how to enforce your copyright (and safeguard your SEO)
Know the risks with control panels and interfaces like phpMyAdmin, learning how to solidify them or completely hide them from attackers
Recover from a WordPress disaster, properly diagnosing the underlying cause of the problem so that it won t be repeated
Consider the security differences between web hosting types and know what kind of security questions to ask a shared host
Grasp key Linux concepts like file ownership and permissions, using the terminal to maximize security options (for shared hosting too)
Reinforce the server with ‚Äì for starters ‚Äì an encrypted connection, network, firewall, and kernel hardening and with a web application firewall

Estimated delivery fee Deliver to United States

Economy delivery 10 - 13 business days

Free ~~$6.95~~

Premium delivery 6 - 9 business days

$21.95

(Includes tracking information)

What do you get with Print?

Instant access to your digital eBook copy whilst your Print order is Shipped

Paperback book shipped to your preferred address

Download this book in EPUB and PDF formats

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

Frequently bought together

$54.99

$48.99

Total $ 103.98

FAQs

What is the delivery time and cost of print book?

Shipping Details

USA:

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.

Unfortunately, due to several restrictions, we are unable to ship to the following countries:

Afghanistan
American Samoa
Belarus
Brunei Darussalam
Central African Republic
The Democratic Republic of Congo
Eritrea
Guinea-bissau
Iran
Lebanon
Libiya Arab Jamahriya
Somalia
Sudan
Russian Federation
Syrian Arab Republic
Ukraine
Venezuela

What is custom duty/charge?

Customs duty are charges levied on goods when they cross international borders. It is a tax that is imposed on imported goods. These duties are charged by special authorities and bodies created by local governments and are meant to protect local industries, economies, and businesses.

Do I have to pay customs charges for the print book order?

The orders shipped to the countries that are listed under EU27 will not bear custom charges. They are paid by Packt as part of the order.

List of EU27 countries: www.gov.uk/eu-eea:

A custom duty or localized taxes may be applicable on the shipment and would be charged by the recipient country outside of the EU27 which should be paid by the customer and these duties are not included in the shipping charges been charged on the order.

How do I know my custom duty charges?

The amount of duty payable varies greatly depending on the imported goods, the country of origin and several other factors like the total invoice amount or dimensions like weight, and other such criteria applicable in your country.

For example:

If you live in Mexico, and the declared value of your ordered items is over $ 50, for you to receive a package, you will have to pay additional import tax of 19% which will be $ 9.50 to the courier service.
Whereas if you live in Turkey, and the declared value of your ordered items is over € 22, for you to receive a package, you will have to pay additional import tax of 18% which will be € 3.96 to the courier service.

How can I cancel my order?

Cancellation Policy for Published Printed Books:

You can cancel any order within 1 hour of placing the order. Simply contact customercare@packt.com with your order details or payment transaction id. If your order has already started the shipment process, we will do our best to stop it. However, if it is already on the way to you then when you receive it, you can contact us at customercare@packt.com using the returns and refund process.

Please understand that Packt Publishing cannot provide refunds or cancel any order except for the cases described in our Return Policy (i.e. Packt Publishing agrees to replace your printed book because it arrives damaged or material defect in book), Packt Publishing will not accept returns.

What is your returns and refunds policy?

Return Policy:

We want you to be happy with your purchase from Packtpub.com. We will not hassle you with returning print books to us. If the print book you receive from us is incorrect, damaged, doesn't work or is unacceptably late, please contact Customer Relations Team on customercare@packt.com with the order number and issue details as explained below:

If you ordered (eBook, Video or Print Book) incorrectly or accidentally, please contact Customer Relations Team on customercare@packt.com within one hour of placing the order and we will replace/refund you the item cost.
Sadly, if your eBook or Video file is faulty or a fault occurs during the eBook or Video being made available to you, i.e. during download then you should contact Customer Relations Team within 14 days of purchase on customercare@packt.com who will be able to resolve this issue for you.
You will have a choice of replacement or refund of the problem items.(damaged, defective or incorrect)
Once Customer Care Team confirms that you will be refunded, you should receive the refund within 10 to 12 working days.
If you are only requesting a refund of one book from a multiple order, then we will refund you the appropriate single item.
Where the items were shipped under a free shipping offer, there will be no shipping costs to refund.

On the off chance your printed book arrives damaged, with book material defect, contact our Customer Relation Team on customercare@packt.com within 14 days of receipt of the book with appropriate evidence of damage and we will work with you to secure a replacement copy, if necessary. Please note that each printed book you order from us is individually made by Packt's professional book-printing partner which is on a print-on-demand basis.

What tax is charged?

Currently, no tax is charged on the purchase of any print book (subject to change based on the laws and regulations). A localized VAT fee is charged only to our European and UK customers on eBooks, Video and subscriptions that they buy. GST is charged to Indian customers for eBooks and video purchases.

What payment methods can I use?

You can pay with the following card types:

Visa Debit
Visa Credit
MasterCard
PayPal

What is the delivery time and cost of print books?

Shipping Details

USA:

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Unfortunately, due to several restrictions, we are unable to ship to the following countries:

Afghanistan
American Samoa
Belarus
Brunei Darussalam
Central African Republic
The Democratic Republic of Congo
Eritrea
Guinea-bissau
Iran
Lebanon
Libiya Arab Jamahriya
Somalia
Sudan
Russian Federation
Syrian Arab Republic
Ukraine
Venezuela

Filter reviews by

All

Amazon verified reviews

Christine L. Golden Aug 09, 2011

As a new web designer/developer, I am really glad to have this book. I came to feel that the author, Olly Connelly, knows what he's talking about and actually wants WordPress users to have a website that is as secure as possible.And not just WordPress users. This book provides a level of depth and technical detail that any internet security manager would love. There are, in fact, only two chapters (and an Appendix) specific to WordPress. The rest contains techniques, explanations and references that cover the gamut of internet security experience; from your personal computer, through its various links to the web, and on into your server system and website files.This book is not for the casual WordPress user, although the information in Chapters 6 and 7 is worth the price of the book. Chapter 8 is also invaluable to those of you who care about your written content and search rankings, and want to protect them them from undeserved use.This book is more for people who have at least a working knowledge of computer and server file systems and a willingness to learn some new vocabulary. It is definitely for internet security novices, and seems to be an excellent resource for pros. Every step of the way, Connelly pays due attention to the different operating systems (Windows, Macs and Linux) including command line access. Having a book full of vested, security-related websites and plugins is certainly worth the cost as well.Olly Connelly runs a website called vpsbible.com especially for people who are new to managing their own Linux servers. His regard for VPS (Virtual Private Server) shows through in the book and he devotes the last two chapters to heavy duty security for unmanaged hosting solutions. Most websites are run on shared servers, though, and he explains the differences and the pros and cons quite well in Chapter 9.I personally enjoyed learning the names of the different sorts of hackers and crackers out there. In the first few chapters, he describes them, the risks (and benefits!) they provide and what you can do as a "white hat" hacker to find out just how vulnerable your systems are.If I have any complaint about the book, it is the `overly youthful' language. Or is that overly geekish? There is, for example, not a single use of the word "or" in the book; it's been replaced with the programming word "else." This is either too clever, or I have lived long enough to be witnessing dramatic changes in our living language.PACKT Publishing is a publisher of the open source community experience and provides the kind of support for its products that I've come to expect of modern day publishers. There are e-versions of the book, online errata and updates as well as code available for your use. All in all I'm very impressed and can easily recommend WordPress 3 Ultimate Security.

Amazon Verified review

Khabir Jul 21, 2015

Many, many very good ideas and tactics for WordPress security. Good intro to application security overall (it's a big, bad internet out there!)

BlackvFace Aug 24, 2012

WordPress 3 ULTIMATE SECURITY: Olly Connelly the one and only life saver and mastermind behind VPSBible.com. I bought a Linode.com Ubuntu Virtual Private Machine and did not know what I was getting into. I was expecting to buy the machine connect with it through VM Workstation or some other remote desktop like system and be good to go. I don't know how I found the VPS Bible but my Linode is up and running and I'm on to WordPress. I wont lie I have just started the book so I cant give you the best in depth analysis of this book but I still know it deserves 5 stars because I did in a week with the VPS Bible what would have taken thousands of dollars of schools and several semesters while understanding and having a fallback source.So I can just put in this small quote from the book and be confident that Olly Connelly has provided another guide to get me through the ups and downs of whatever it is we are doing. "This may sound like anathema, but a hefty chunk of this book is devoted to cajolingyour angelic innocence into something more akin to that of a hacker's savvy.This isn't some cunning ploy by yours-truly to see for how many readers I can attainvisitor's rights, you understand. The fact is, as we practice in Chapter 2 and as anycrime agency would explain, to catch a thief one has to think like one.

Amazon Customer Jul 13, 2011

I have been using WordPress since version 2.5 and when I first heard about this book, I was wondering how the author could fill 240+ pages on securing WordPress.As many veteran WordPress users know, Automattic, the company that oversees the development of the open source blogging platform, does an excellent job keeping it secure, with regular updates. The problem here is many users think that Automattic does everything to keep WordPress sites secure. Do not fall into this trap. Users have to take responsibility too.So it came as no surprise that the first four chapters are spent explaining how the bad guys work and how to protect your computer and network. The author covers a broad range of topics from how to secure Windows, Mac, and Linux workstations. He gives advice on where to obtain, install and configure personal firewalls and anti-virus software. He suggests ways to avoid spam and make your web browser safe for browsing.The chapters on WordPress security are just as informative. He explains how to back up your WordPress site (which you are probably already doing. Right?) How to set up file and user permissions. He explains which WordPress files and features should be disabled or removed to avoid hackers and why you should use SSL, SFTP and hardened shell accounts to access your site.If your site does get hacked, there is a disaster recovery section that explains how to get your site back online and make sure it doesn't get hacked again.I am an IT consultant and have worked with PCs in some form since 1982 and built my first website in 1995. I thought I knew a lot about security, but this book taught me many new ways to secure websites and computers. It was a quick read and brought me up to date on the fast changing world of Internet security.This book can help all users, from WordPress beginners to IT professionals. I recommend reading it to keep both your website and PC/Mac/Linux computer safe.

Jeff Jul 29, 2011

If you manage your own WordPress website, you should have this book. If you have someone else manage your WordPress website for you, they should have this book.WordPress 3 Ultimate Security by Olly Connelly is a comprehensive guide, not just to WordPress security, but to Internet security in general. My initial thought when buying the book was that it would compile a bunch of WordPress-specific security best practices into one concise resource. It does indeed do that, but as it turns out, having a secure WordPress website goes way beyond just securing your WordPress installation. Olly Connelly does a superb job of laying out a comprehensive overview of Internet security to help you set up and maintain a clean WordPress website that is as hacker-resistant as possible, from securing your own personal computer, your access point to the Internet, to your web server and of course the WordPress package itself.In dealing with recent WordPress hacks, I was left wondering, who are these hackers that have hacked my site and how did they do it? The book starts off with an introduction to the overall threatscape including who the hackers are, including how they work, their basic methodology (reconnaissance, scanning, gain access, secure access, cover tracks) and tools that they use. This is important in being able to assess your risk, which is the result of vulnerability times threat.After having introduced us to the hackers and their ways, Olly covers securing your own computer, with a detailed analysis of tools and techniques for securing your PC, especially, Windows PCs. In a logical progression he then covers security related to accessing the Internet, including local networks, Wi-Fi and browsers and security related to connecting to your web server. These are not WordPress specific issues, but they all represent potential vulnerabilities that hackers can exploit to gain access to your WordPress site.After five chapters and 150 pages covering these topics, Olly jumps into the WordPress-specific issues. In chapter 6, he outlines 10 must-do WordPress tasks. Then in chapter 7 dives into more WordPress specific tips for hardening your WordPress installation.Chapter 8 is dedicated to a subject that many might not have considered a security risk - securing your content from scrappers and copyright theft.The remaining chapters are dedicated to some advanced techniques for locking down your web server. A lot of the content in these chapters will probably overwhelm those who are not technically inclined, but it is important and relevant and the book would be incomplete if it were omitted.Overall, I give the book very high marks for its comprehensive nature and easy-to-follow style. Being a fan of visual communication, my only quibble with the book is that I would have liked to have seen more illustrations. There's a lot of technical material in the book and Olly does a very good job of explaining in a way that even the technically-challenged should be able to grok. But, I spend a fair bit of time consulting with technically-challenged clients on WordPress issues and my sense is that visual illustrations are very useful in helping to demystify and explain complex technical issues.Nevertheless, I still highly recommend the book for anyone who has a WordPress website. It may not be a fun topic and yes it is a bit scary, but if you have a WordPress website you are a definite target for hackers and I have no doubt that your site will come under attack at some point, if it hasn't already. The more you know about security the more you'll be able to make it less attractive for the hackers to bother with. Buy the book and be informed.

WordPress 3 Ultimate Security: WordPress is for everyone and so is this brilliant book on making your site impenetrable to hackers. This jargon-lite guide covers everything from stopping content scrapers to understanding disaster recovery.

What do you get with Print?

WordPress 3 Ultimate Security

Chapter 2. Hack or Be Hacked

Introducing the hacker's methodology

Reconnaissance

Ethical hacking vs. doing time

Note

The reconnaissance phase

Note

What to look for

Demystifying DNS

Resolving a web address

Domain name security

The scanning phase

Note

Summary

Page 1 of 8

Key benefits

Description

Who is this book for?

What you will learn

Product Details

What do you get with Print?

Product Details

Frequently bought together

Table of Contents

Recommendations for you

Customer reviews

Filter reviews by

People who bought this also bought

FAQs

WordPress 3 Ultimate Security: WordPress is for everyone and so is this brilliant book on making your site impenetrable to hackers. This jargon-lite guide covers everything from stopping content scrapers to understanding disaster recovery.

What do you get with Print?

Contact Details

Shipping Address

Billing Address

Key benefits

Description

Who is this book for?

What you will learn

Product Details

What do you get with Print?

Contact Details

Shipping Address

Billing Address

Product Details

Packt Subscriptions

Frequently bought together

Table of Contents

Recommendations for you

Customer reviews

Filter reviews by

People who bought this also bought

FAQs