Sida Looga Saaro Malware-ka Mareegahaaga WordPress
WordPress waa mid ka mid ah nidaamyada maaraynta mareegaha ugu caansan ee adduunka oo dhan laga isticmaalo. Sida laga soo xigtay W3Techs(According to W3Techs) , waxay awood u leedahay 34% dhammaan shabakadaha internetka(Internet) . Caannimada WordPress waa qayb ay sabab u tahay tirada faraha badan ee plugins iyo habyaalada la heli karo kuwaas oo u oggolaanaya ku dhawaad wax kasta in lagu sameeyo mareegaha.
Kala duwanaanshahaas ballaaran ee shaqeyntu waxay la yimaadaan baylahda sidoo kale. Hackers waxay inta badan awoodaan inay galaan koodka oo ay ku faafiyaan boggaga WordPress -ka malware-ka si la mid ah waxay ku beeran karaan malware-ka router(malware on a router) .
Malware waxa ay wax yeeli kartaa oo burburin kartaa goobtaada, marka waa muhiim in aad si dhakhso leh wax uga qabato si aad malware-ka uga saarto boggaga WordPress .
Marka hore la xidhiidh mareegahaaga(Contact Your Web Host First)
Kahor intaadan isku dayin mid ka mid ah talooyinka hoose, la xidhiidh shirkaddaada martigelinaysa marka hore. Waxaa suurtagal ah in server-ka martida loo yahay, gaar ahaan haddii aad ku jirto server-ka la wadaago, uu ku faafinayo koodka xaasidnimada ee ka socda goob kale adiga.
Weydii inay iskaan ka sameeyaan server-kooda si aad u hubiso inuusan ahayn dembiilaha ka hor inta aanad isku dayin inaad ka saarto malware-ka goobtaada. Intaa waxaa dheer, waxay u soo jeedin karaan talooyinka milkiilayaasha mareegaha farsamada yar ee ku saabsan sida si badbaado leh loo baadho oo looga saaro malware-ka boggooda.
Qaar ka mid ah martigeliyayaasha ayaa laga yaabaa inay sidoo kale bixiyaan adeegyo halkaasoo ay kaaga saari doonaan. Ka dibna ku kaydi goobtaada, yaraynta khatarta ah inaad malware-ka geliso kaydkaaga.
Martigeliyayaasha shabakadu waxay leeyihiin khibrada, agabka, iyo fursadaha ay wax kaga qabtaan malware-ka, markaa ka hubi iyaga marka hore ka hor intaadan isku dayin inaad keligaa samayso.
Qaado Tallaabooyinka Ka Hortagga ah(Take Preventative Measures)
Had iyo jeer way fiican tahay inaad isku daydo inaad ka hortagto hanjabaadaha ka hor intaysan dhicin. Talaabada ugu muhiimsan ee isticmaalayaashu ay tahay inay qaadaan waa inay hubiyaan inay mar walba ku socdaan nooca ugu dambeeyay uguna xasilloon ee WordPress , xitaa haddii ay kaliya ku rakibayaan nooca tijaabada kumbuyuutarkooda.
Noocyo cusub ayaa badanaa la sii daayaa si loo hagaajiyo dayacanka caadiga ah ee laga helay noocyadii hore. Isla sidaas oo kale ayaa ah plugins iyo mawduucyada. Cusbooneysii iyaga oo ka saar kuwa aadan isticmaalin.
Qaar ka mid ah arrimaha taban ee badan ee malware-ku ku keeni karo goobta WordPress waxaa ka mid ah:
- Shabakadda(Web) iyo MySQL waxay kordhiyeen isticmaalka agabka server-ka.
- Xayeysiis aan la rabin.
- Boostada spamka ayaa lagu soo diray bug
- Xatooyada xogta gaarka ah ee macaamiisha iyo isticmaalayaasha.
- Luminta macluumaadka goobtaada
- Ganaaxa Google
Maxaad samayn kartaa haddii website-kaagu uu cudur ku dhaco ama la jabsado? Maqaalkan, waxaan ku qeexi doonaa tillaabooyinka aad qaadi karto si aad malware-ka uga saarto goobta WordPress .
Isticmaal Plugins ka saarida Malware WordPress(Use WordPress Malware Removal Plugins)
Haddii aad geli karto oo aad geli karto aaggaaga maamulka WP, waxaa laga yaabaa inaadan dib u soo gelin dhammaan goobtaada. Isticmaalka plugin WordPress(WordPress plugin) ah oo ku habboon waxay kaa caawin kartaa ka saarida malware-ka mareegahaaga WordPress(WordPress) .
MalCare Security
MalCare waa plugin qiimo leh oo isla markaaba ka saari doona malware-ka rakibaada WP. Ma aha oo kaliya inay nadiifin doonto goobta la jabsado, laakiin waxay sidoo kale ka ilaalin doontaa xadgudubyada amniga mustaqbalka.
Mid ka mid ah faa'iidooyinka badan ee MalCare ayaa ah inay ku baadho goobtaada server-keeda. Mareegtaada ma la kulmi doonto wax culays ah kheyraadkeeda oo waxay u sii wadi doontaa inay si habsami leh u shaqeyso.
Waxa jira afar heerar oo qiimo ah oo ka bilaabmaya $99/sanadkii hal goob ( Personal ) ilaa qorshaha Wakaalada Custom Plus(Custom Agency Plus) ee in ka badan 20 goobood.
Malcare waa plugin amniga WP dhamaystiran oo ay ku jiraan astaamo dheeri ah oo badan sida:
- Ogeysiisyada iimaylka ee waqtiga-dhabta ah
- Raadraaca faylka yar ayaa isbedelaya.
- Yaraynta digniinaha beenta ah.
WordFence
Mid ka mid ah plugins-yada aadka loo isticmaalo ee amniga WP waa WordFence . Waxaa ka mid ah iskaanka malware-ka iyo firewall-ka barta dhamaadka.
Laga soo bilaabo ilaalinta weerarrada xoogga ah ilaa blocks firewall, nooca bilaashka ah ee WordFence(the free version of WordFence) ayaa awood ku filan u leh mareegaha yaryar.
Haddii aad rabto astaamo dheeri ah sida xaqiijinta laba-factor, ilaalinta erayga sirta ah ee soo daatay, iyo xannibaadda gacanta ee horumarsan, waxaad iibsan kartaa liisan qaali ah. Qiimuhu wuxuu ku salaysan yahay tirada shatiyada aad iibsatay, laga bilaabo $99 midkii.
Dhammaan waxay ku jiraan Hal WP Security & Firewall(All in One WP Security & Firewall)(All in One WP Security & Firewall)
Mid ka mid ah pluginsyada amniga bilaashka ah ee leh astaamaha ugu badan waa Dhammaan ku jira Hal WP Security & Firewall . Waxay ku siinaysaa is-dhexgal muuqaal fudud iyadoo la isticmaalayo mitir iyo garaafyo.
Plugin waxaa loogu talagalay kuwa bilowga ah iyo kuwa horumarsan oo leh seddexda qaybood: aasaasiga, dhexe, iyo sare.
Dhammaan kuwa ku jira Hal WP Security waxay ilaalin doonaan mareegaha iyagoo:
- Bixinta amniga faylka iyo kaydinta xogta.
- Kobcinta amniga diiwaangelinta isticmaalaha.
- Joojinta isku dayga soo gelista xoogga leh.
Astaamaha dheeriga ah waxaa ka mid ah awooda lagu soo celiyo .wp-config iyo .htaccess faylalka. Isticmaalayaashu waxay sidoo kale soo celin karaan faylashaas haddii ay wax ka khaldan yihiin boggooda.
Si aad u hesho liiska buuxa ee dhammaan plugins ammaanka WordPress , booqo WordPress.org(visit WordPress.org) . Haddii aadan awoodin inaad gasho, waxaa laga yaabaa inaad dib u rakibto dhammaan goobtaada.
Haddii aad ka aqoon badan tahay tignoolajiyada, oo aad ku maamusho goob server-kaaga ah, si taxadar leh u raac tillaabooyinka hoose.
Maskaxda ku hay in taageerada goobtaada iyo tirtirida ay noqon karto khatar waana in kaliya ay isku dayaan milkiilayaasha shabakadaha farsamada sare.
Kaydi xogtaada iyo Dhammaan faylalkaaga(Backup Your Database & All Files)
Haddii aad cudurka qabto oo aad u baahan tahay inaad ka saarto malware-ka boggaaga WordPress(WordPress) , waa muhiim inaad isla markiiba ilaaliso macluumaadkaaga. Kahor intaadan waxba samayn, samee nuqul dhamaystiran oo ku samee boggaaga WordPress(WordPress) si aad dib ugu soo celiso haddii ay wax qaldamaan.
Hubi inaad dib u soo celiso nooca nadiifka ah ee xogta MySQL(back up a clean version of your MySQL database) iyo akoonkaaga FTP . Waxaa jira dhowr siyaabood oo lagu kaydiyo goobta, oo ay ku jiraan cPanel, phpMyAdmin, iyo plugins WordPress (sida Vaultpress ).
Waxaa aad loogu talinayaa in dhammaan isticmaalayaasha WordPress ay si joogto ah u kaydiyaan boggooda. Tallaabooyinka hoose waxay muujinayaan sida gacanta looga saaro malware-ka goobtaada WordPress .
Tallaabada 1: Baadh faylalkaaga(Step 1: Examine Your Files)
Ka dib markaad kaydiso dhammaan goobtaada WP, soo deji faylka zip-ka ee kombayutarkaaga ah. Ku fur bidix adigoo laba jeer gujinaya. Waa inaad aragto faylasha soo socda:
- Dhammaan faylalka muhiimka ah ee WordPress.
- wp-config.php.
- .htaccess : Kani waa fayl dahsoon waxaana ku jira magaca, isticmaalaha, iyo erayga sirta ah ee xogtaada WordPress . Si aad u hubiso inaad taageertay faylkan, isticmaal codsi tafatirka code ama barnaamijka FTP kaas(an FTP program) oo kuu ogolaanaya inaad aragto faylasha qarsoon. Hubi inaad hubiso ikhtiyaarka Show Hidden Files .
- Galka wp-content ka oo ay ku jiraan mawduucyo, plugins, iyo uploads.
- Xogta SQL
Talaabada 2: Ka Tirtir Dhammaan Faylasha & Fayliyada Faylka Dadweynaha_html(Step 2: Erase All Files & Folders From The Public_html Folder)
Markaad hubiso inaad haysato kayd dhamaystiran oo website-kaaga ah, gal maamulaha faylka ee(File Manager) martigelinaya webkaaga .
Soo hel folder_html(public_html) oo tirtir waxa ku jira marka laga reebo wp-config.php, wp-content, iyo cgi-bin galka.( cgi-bin folders.)
Hubi(Make) inaad sidoo kale daawanayso faylasha aan la arki karin, oo ay ku jiraan . htaccess maadaama laga yaabo in la carqaladeeyo.
Haddii aad martigelinayso goobo badan, waa inaad ka fikirtaa in sidoo kale la dhibay sababtoo ah caabuqa isdhaafka ah waa mid caadi ah. Raac nidaamka isku midka ah ee dhammaan goobaha la martigeliyo ee isla serverka.
Fur faylka wp-config.php oo barbar dhig muunad faylka wp-config . Waxaad ka heli kartaa faylkan kaydka WP GitHub(WP GitHub repository) .
Sidoo kale, fiiri faylkaaga si aad u aragto haddii ay wax u eg yihiin shaki sida xargaha koodka dheer. Haddii aad hubto in shay aanu meesha ku jirin, ka saar.
Hadda tag wp-content directory oo:
- Samee liis dhammaan pluginskaaga rakiban ka dibna tirtir.
- Tirtir(Delete) dhammaan mawduucyada, oo uu ku jiro midka aad isticmaalayso. Dib baad u soo dajin doontaa.
- Ka fiirso gal gelintaada si aad u aragto haddii ay jiraan wax aanad dhigan.
- Tirtir index.php ka dib markaad tirtirto dhammaan plugins-yada.
Tallaabada 3: Ku rakib Nooc Nadiif ah oo WordPress ah(Step 3: Install a Clean Version Of WordPress)
U gudub(Navigate) guddiga kontoroolka martigeliyahaaga oo dib ugu rakib WordPress isla tusaha goobta asalka ah.
Waxay noqon doontaa hagaha guud_html(public_html) ama hage-hoosaad haddi aad ku rakibtay WordPress bogga wax-ku-darka. Isticmaal rakibaha hal-guji ama QuickInstall (waxay kuxirantahay shirkaddaada martigelinaysa) ee ku dhex jira guddiga kontoroolka martigelinta ee shabakadaada.
Ka fur faylka daamurka ama zipped oo geli faylashaada seerfarkaaga. Waxaad u baahan doontaa inaad abuurto faylka wp-config.php cusub oo aad xogta ka geliso kaydinta degelkaaga. Waxa kaliya oo aad u baahan tahay inaad geliso magaca kaydka xogta, erayga sirta ah, iyo horgalayaasha
Tallaabada 4: Dib u deji Permalinks & Passwords(Step 4: Reset Permalinks & Passwords)
Gal(Log) goobtaada WP oo dib u deji dhammaan isticmaalayaasha iyo ereyada sirta ah. Haddii ay jiraan isticmaaleyaal aan la aqoonsan, waxay la macno tahay in xogtaada la jabsaday.
Waxaad shaqaaleysiin kartaa xirfadle si aad u nadiifiso xogtaada si aad meesha uga saarto kood kasta oo xaasidnimo leh.
Si aad dib ugu dejiso Permalinks(Permalinks) , aad Settings > Permalinks ka bacdina Keydi Isbeddellada(Save Changes) . Habkani wuxuu soo celin doonaa faylka .htaccess wuxuuna hagaajin doonaa URL(URLs) -yada goobtaada si ay u shaqeeyaan. Sidoo kale, dib u deji dhammaan xisaabaadka martigelinta iyo furayaasha FTP -ga .
Tallaabada 5: Dib u rakib mawduuca & Plugins(Step 5: Reinstall Theme & Plugins)
Ha ku rakibin noocyadii hore ee mawduucaaga ama pluginskaaga. Taa beddelkeeda, ka hel soo dejisyo cusub kaydka WordPress ama goobta horumariyaha plugin premium. Ha isticmaalin plugins aan hadda la taageerin.
Haddii aad wax ka bedel ku leedahay mawduucaagii hore, eeg faylalka kaydka ah ee aad ku soo dejisay kumbuyuutarkaaga oo ku celceli isbeddellada nuqulka cusub.
Talaabada 6: Sawir oo dib u soo rar sawiradaada iyo dukumeentiyadaada kaabtaada(Step 6: Scan & Re-Upload Your Images & Documents From Your Backup)
Tallaabadani waxay noqon kartaa mid caajis ah, laakiin waa lagama maarmaan. Si taxadar leh(Carefully) u fiiri sawiradaada iyo faylasha la soo galiyay ka hor intaadan dib ugu wp-content > uploads folder ee maamulaha faylka.
Isticmaal(Use) barnaamij ka hortag ah oo casri ah si aad u sawirto dhammaan faylasha si aad u aragto haddii mid ka mid ah uu cudurka qabo. Ku soo rar faylalka nadiifka ah seerfarkaaga addoo isticmaalaya macmiilka FTP ama maamulaha faylka. Qaab dhismeedka galku isku mid ha ahaato si aadan ugu dambayn xiriirin jaban.
Tallaabada 7: Ogaysii Google(Step 7: Notify Google)
Haddii aad ogaatay in goobtaada ay waxyeello ka soo gaartay digniin ka timid Google , waxaad u baahan tahay inaad ogeysiiso inaad ka saartay malware-ka si ay u diidaan ogeysiiska xisaabtaada.
Aad Google Search Console oo gal haddii aad horeba akoon u leedahay. Haddii aadan, diiwaan geli website-kaaga.
Ka hel Amniga & Tallaabooyinka(Security & Manual Actions) gacanta ee marinka gacanta bidix. Guji(Click) meesha hoose oo dooro Arrimaha Amniga(Security Issues) .
Halkan waxaad ku arki doontaa warbixin ku saabsan ammaanka goobtaada. Dooro Codso dib u eegis(Request a review) oo u gudbi Google.
Related posts
Sida Loo Kordhiyo Bogga WordPress ee 11 Tallaabo
Sida Loo Sameeyo Bogga WordPress Mid Sugan
Sida Loo Sameeyo Mareegtaada Twitter-ka La mid ah Adigoo Adeegsanaya Mawduuca P2 ee WordPress
10ka Muhiimka ah ee WordPress Plugins ee Mareegaha Ganacsiga Yaryar
Sida Loogu Rakibo Goobta Imtixaanka WordPress ee Kumbuyuutarkaaga
Sida Loo Sameeyo Tijaabooyin Qaybsan Oo Wax Ku Ool Ah Gudaha WordPress
Sida Looga Gudbo Tifaftiraha WordPress ee Classic ah una Gudbinaya Gutenberg
3-da ugu Fiican SEO Plugins ee WordPress
11-ka ugu Fiican WordPress Podcast Plugins
Casharka WordPress Gutenberg: Sida Loo Isticmaalo Tifaftiraha Cusub
Sida Loo Abuuro Kuuboonkaaga Kuuboonka ah gudaha WordPress
Sida loo hubiyo in mareegaha laga mamnuucay AdSense
Abuuritaanka Mawduuca Ilmaha ee WordPress
7 Talooyin WordPress ah oo loogu talagalay Mareegta Saaxiibtinimada Mobilka
Sida Loo Badbaadiyo-Password-ka Bogagga Mareegahaaga WordPress
Sida loo rakibo WordPress on Google Cloud Platform
Sida Loo Isticmaalo Lumen5 Si Loogu Bedelo Boostada Blog-ga Muuqaal
Sida Loo Helo Adminkaaga WordPress Login
Sida loo rakibo & habaynta WordPress ee Microsoft Azure
Sida loo habeeyo Asturnaanta gudaha WordPress iyo sababta ay muhiim u tahay