5 Matakai Ga Zunin Shafin Yanar Gizo na Shafin Farko

Mataki na ashirin da ya rubuta ta:
  • WordPress
  • An sabunta: Jun 19, 2019

Kare kullun shafinka ba za a iya cika ta kowace fasaha ɗaya ba, amma akwai matakai da yawa asusun tsaro na tsaro za ku iya ɗauka don yin wani hare-haren da ya ragu ba zai yiwu ba.

Shafin shafin yanar gizonku na hakika ɗaya daga cikin shafukan yanar gizo mafi sauki a kan shafin yanar gizonku, don haka bari mu fara kan yin shafin yanar gizon shafin yanar gizonku ta yanar gizo kaɗan.

1. Yi amfani da Maganar Kalmomi da Sunan mai amfani

Ƙwararrun tilasta shafukan shiga yana daya daga cikin nau'in hare-haren yanar gizon da shafin yanar gizonku zai fuskanta. Idan kana da sauki don yin tunanin kalmar sirri ko sunan mai amfani, shafin yanar gizonku ba zai yiwu ba kawai manufa amma ƙarshe wanda aka azabtar.

Fassara bayanai ya kirga jerin jerin kalmomin sirri masu amfani da yawa don 2014.

Kalmar wucewa ta hanyar matsayi dangane da amfani.

  1. 123456
  2. password
  3. 12345
  4. 12345678
  5. qwerty
  6. 123456789
  7. 1234
  8. baseball
  9. dragon
  10. kwallon kafa

Idan kun yi amfani da ɗaya daga waɗannan kalmomin shiga da shafin yanar gizon ku na samun duk wata hanya, to za a cire shafin yanar gizonku nan gaba ko daga baya.

Yi amfani da kalmomin sirri mai ƙarfi da sunayen masu amfani na sababbin. A baya can tare da WordPress, dole ka fara tare da tsoffin sunan mai amfani, amma wannan ba haka ba ne. Duk da haka, mafi yawan sababbin shafukan yanar gizo suna amfani da sunan mai amfani na tsoho kuma suna buƙatar canza sunan mai amfani. Zaka iya amfani Admin Renamer ya kara don canza sunan mai amfanin ku.

Tare da samfurori na tsaro, zaka iya karfafa karfi da kalmomi a duk masu amfani da ku. Ba za ku so wani ya sami damar shiga edita ba don amfani da kalmomin sirri marasa ƙarfi a yanzu, kuna so? Yana daidaitawa da tsaro sosai.

Yi amfani da kalmar sirri ta sirri ta sirri kayan aiki samuwa kamar layi Kalmar sirri ta sirri or Norton ta Password Generator or LastPass. Dukansu suna da kyauta don amfani.

Idan kana da wahalar tunawa da kalmominka, zaka iya amfani da su KeePass Password Safe or Dashlane ta mai sarrafa kalmar sirri.

2. Ɓoye Shafin Farko da Wp-Admin Page

Mai hawan ƙwallon ƙaƙa yana buƙatar neman shafin shiga, idan ya yi niyya babban ƙarfi shafin shiga don samun damar. Kuna iya hana wannan ta hanyar yin amfani da abin da wasu suke kira tsaro ta hanyar duhu, ra'ayin cewa ɓoye shafin yanar gizonku zai kare ku, kamar yadda mai haɗari ba zai iya gano hanyar shiga ba. Shafukan yanar gizonku zai zama daidai da banki ba tare da kofa ko wata hanyar samun damar jama'a ba.

Yawancin yanar gizo na yanar gizo suna da wurin shiga shigarwa a yourwebsite.com/login.php.

Ka yi kokarin buga webhostingsecretrevealed.net/login.php a cikin adireshin adireshinka. Shin ba ya aiki, shin? Domin ba ya wanzu. Shigar da shiga don WHSR yana samuwa a kan wani adireshin daban.

Hakazalika, za ka iya canja wurin samun dama akan shafin yanar gizonka zuwa wani abu dabam. Musamman mu canza shafin yanar gizon shiga.

ProtectYourAdmin

Kamar shafin login.php, akwai kulawar wp-admin wanda ya kamata a kare shi. Yana da kyau sauƙi a yi tare da ko dai daga cikin biyu plugins - WPS Kashe Login da kuma Kare Admin ku.

3. SSL

SSL ko Asusun Layer Sanya shine wani ƙarin tsaro na tsaro wanda ke sanya duk wani bayani da ka aika da karɓar tsakanin mai bincike da uwar garke wanda ba a iya lissafa ba. Idan wani ya tsayar da bayanan, ba za su iya karanta shi ba kuma ba za su iya yin hakan ba.

An yi amfani da SSL don amfani da tashoshin kuɗi na kudi kuma a duk lokacin da aka raba wani bayani mai mahimmanci. Shafukan yanar gizo suna adana bayanai game da masu amfani da kuma SSL suna taimakawa wajen kiyaye wannan bayanin.

Hakazalika, SSL ke aiki a shafin yanar gizon shiga ta hanyar yin bincike ga hanyar sadarwar uwar garken aiki da yawa.

SimpleSSl

Ga masu rubutun shafukan yanar gizo da ƙananan kasuwanci, kyauta, raba SSL - abin da zaka iya samun daga mai bada sabis, Bari mu Encrypt, ko CloudFlare - yawanci ya fi dacewa.

Ga harkokin kasuwanci da ke aiwatar da biyan kuɗi na abokan ciniki - ya fi kyau ku saya takaddun shaidar takardar shaidar SSL daga gidan yanar gizonku ko kuma takardar shaidar takarda (CA). Very Simple SSL da kuma WP Force SSL duka taimaka muku saitin SSL akan shafin yanar gizonku, da zarar kuka sayi SSL takardar shaidar.

4. Ƙayyade yawan ƙwaƙwalwar shiga

Wannan wata hanya ce mai sauƙi mai mahimmanci don dakatar da hare-hare mai tsanani a kan shafin yanar gizonku na dama a cikin hanyarsu. Kuskuren karfi mai karfi yana aiki ta ƙoƙarin samun sunan mai amfani da kalmar sirri ta hanyar yin ƙoƙarin samun haɗuwa da yawa a duk tsawon lokaci.

Idan ana sa ido na musamman IP wanda ke ci gaba da kai farmaki, to, za ka iya toshe magoya bayanan da ke maimaitawa ta tilasta gwaje-gwaje da kuma kiyaye shafinka na tsaro. Wannan kuma dalilin da yasa fasalin DDOS na duniya yana faruwa tare da adiresoshin IP masu yawa tare da asalin kai hari, don jefa ayyukan sabis na yanar gizon tsaro da tsaro a tsare.

Tabbacin shiga

Shiga LockDown da kuma Shigar da Tsaro Tsaro duka suna bayar da kyakkyawan mafita don kare shafin yanar gizonku. Suna biye da adreshin IP da kuma iyakance yawan ƙoƙarin shiga don kare shafin yanar gizonku.

5. Biyu Factor Gasktawa

Google Authenticator yana da WordPress plugin da ke aiki ta hanyar app shigar a kan Android / iPhone / Blackberry. Wannan plugin yana haifar da QR code wanda za ka iya duba tare da na'urarka ta hannu ko zaka iya shigar da lambar sirri da hannu.

AuthCode

Shigar da ku zai buƙatar wata ƙirar ƙira wadda aka samo a kan na'urar ku ta hannu don shiga. Za'a iya amfani da plugin ɗin a kan mai amfani ta hanyar mai amfani kuma ba a bada shawara ga masu amfani ba su da iyaka. Ganin cewa yana da wuya sosai cewa dan gwanin kwamfuta yana da damar samun dama ga na'urarka ta hannu, shafukan yanar gizo na shafin yanar gizonku zai kasance da tabbaci sosai (zaton babu sauran vulnerabilities).

Ƙarin Tsaro

Mun tattauna ɓoyewa / sake sunan sunan shiga da kuma wp-admin shugabanci, bada SSL akan shafukan shiga, ta yin amfani da ƙirar matsala guda biyu, iyakance ƙoƙarin shiga da kuma amfani da kalmomin mai ƙarfi da kuma masu amfani na sababbin abubuwa. Har ila yau, ya kamata ka san cewa wasu shafukan yanar gizo suna ba da wasu daga cikin wadannan ayyukan tsaro a kan masu amfani da su.

Idan kuna so, zaku iya amfani da matakan tsaro kamar yadda yake Tsaro na iThemes or Kalma wanda bayar da dama login kariya siffofin baya ga overall WordPress shafin tsaro matakan.

Babu shafin tsaro na tsaro na WordPress ba tare da ambaci cewa tsaro za a iya yin sulhu ba. Yi shirin gaba da dawo da shafin yanar gizonku tare da kayan aikin kyauta kamar Updraft Plus ko mai bada bayani kamar VaultPress or BackUp Buddy.

Ina fata wannan labarin ya taimaka kuma ya sanya shafin yanar gizonku ya fi tsaro.

Game da Vishnu

Vishnu marubucin wallafawa ne da dare, yana aiki a matsayin masanin bayanai a rana.