wordpress 容易被黑客入侵还是与任何网站有关?原因是什么? [英] Can wordpress hacked easily or is it about any site? What was the reason?
问题描述
我的一位朋友,他是 RIA 开发人员,从事动作脚本编写工作.他创建了一个博客并开始工作,一段时间后他发现他的博客被黑客入侵了,这是用 WP 开发的,并且写了一些文本,所以他只是去 FTP 并删除了所有文件.
One of my friend who is RIA developer and do action scripting. He started a blog and worked on it, after some time he saw that his blog is hacked that was developed in WP and some text was written in it so he just went to FTP and deleted all files.
因此,所有这些似乎 WP 站点被黑客入侵的可能性不仅仅是用 RoR 或 Django 或 CakePHP 或 kohana 等构建的站点.这是真的吗?黑客入侵的真正原因是什么?WP 真的存在一些安全漏洞吗?
So all this seems that a WP sites probability for being hacked is more than site built in RoR or Django or CakePHP or kohana e.tc. Is it true? What was actually the reason of hacking? Is there really some security vulnerabilities in WP?
我是一名 PHP 开发人员,还开发了许多自定义站点,还曾在 WP 和 joomla 等部门工作过.但从来没有听说过这样的事情.如果有问题,那么 SSL 可以解决这个问题吗?很困惑这是怎么发生的...
I am a PHP developer and also have developed many custom sites, and also have worked in WP and joomla e.t.c. but never heard any thing like that. If it is problem there then can SSL solve this problem? Confused that how that happened...
如果您有任何想法,请告诉我,以便我理解并摆脱好奇心.
Please tell me if you have any idea so that I can understand it and get out of curiosity.
推荐答案
Wordpress 是一个相对安全的产品.然而,任何事情都不是 100% 万无一失的.不幸的是,对于 Wordpress 等广泛使用的产品,一旦发现漏洞,它就会在 0-day 漏洞利用站点上广泛使用,并且许多黑客会在网络上搜索以利用此漏洞.
Wordpress is a relatively secure product. However as with anything nothing is 100% fool-proof. Unfortunately with widely-used products such as Wordpress once an exploit is found it is widely available on 0-day exploit sites and a lot of hackers will trawl the web to take advantage of this exploit.
然而,Wordpress 的工作人员非常快速地修补这些错误,这是一个加分项.此外,由非 Wordpress 团队编码的插件的安装可能会被利用,这是黑客入侵的最常见方式.如果出现问题,SSL 证书不会阻止网站被黑客入侵.只是意味着表单数据将在具有更好加密的位置之间传递.我希望这有帮助.
However staff at Wordpress are very quick to patch these errors which is a plus. Also the installation of plugins coded by the non Wordpress team can be open to exploits and is the most common way a hacker finds his way in. If there is an issue an SSL certificate will not stop the site being hacked. Will just mean that an form data will be passed between locations with better encryption. I hope this helps.
这篇关于wordpress 容易被黑客入侵还是与任何网站有关?原因是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
