Jump to content

Search the Community

Showing results for tags 'wordpress security'.

  • Search By Tags

    Type tags separated by commas.

  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End

Last Updated

  • Start

    End

Filter by number of...

Joined

  • Start

    End

Group

Website URL

Yahoo

Jabber

Skype

Location

Interests

Biography

Location

Interests

Occupation

Found 1 result

  1. aelius
    Nu folosesc pentru ca nu au un certificat SSL valid. Setarea precizata de tine este utila doar daca este instalat un certificat SSL. In plus, nu vad ce are deaface certificatul ssl si conexiunea securizata cu plugin-urile vulnerabile. SSL este doar pentru a asigura un mediu confidential de comunicare intre client si server. Cel mai bine, faci disable la functiile php considerate a fi cu grad mare de risc, setezi php_admin_value in documentroot, utilizezi cat mai putine plugine in wordpress iar cele ce le folosesti, le verifici in prealabil, instalezi mod_security2 pe apache, iar toate astea nu fac decat sa minimizeze probabilitatea ca site-ul sa fie afectat de vulnerabilitati. Apropo de setari SSL in wp-config.php: define('FORCE_SSL_LOGIN', true); define('FORCE_SSL_ADMIN', true); Daca vrei sa-ti faci tot site-ul (wp) accesibil pe https (SSL): https://www.rtfm.ro/diverse/wordpress-over-https/ Site-ul din exemplul tau, gigaom dot com: hp ~ # openssl s_client -connect gigaom.com:443 CONNECTED(00000003) depth=3 /L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com verify error:num=19:self signed certificate in certificate chain verify return:0 --- Certificate chain 0 s:/O=*.wordpress.com/OU=Domain Control Validated/CN=*.wordpress.com i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287 1 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287 i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority 2 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority i:/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com 3 s:/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com i:/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com --- Server certificate -----BEGIN CERTIFICATE----- MIIFWzCCBEOgAwIBAgIHTsRneEuflzANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5 IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky ODcwHhcNMTAxMDE0MTEyOTI2WhcNMTUxMDE0MTEyOTI2WjBXMRgwFgYDVQQKEw8q LndvcmRwcmVzcy5jb20xITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRl ZDEYMBYGA1UEAxMPKi53b3JkcHJlc3MuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA8HVxtPIGCifPIjsKjiIkfLySgiljhGChFa+q5lfBQ3OvqF3t lDr1mU3+MKPtFjAA8bnfXG+cQCyHv/aiKyJboraK6XV4bO9AcgVtc4QYYRgL9pAv zNEPde6wMpBIsc5L+dKRdBkmo30wdHPDVOZOzEWtRwgqt723fEa34VtHmJltCLVk hJT4JsVnU2sQqaG+RlJJyGNgDujwdOuboo8tRkbq1allIQrF6QQCAvKbkZFPfDHd K4h2t0RvHoaivuaHJECZuw7St35J1LfbokNixHfHWzmhf7dy83Oz6wGmf7HSTQjG I92XGx73lJBWdnZ6pESAl0z0XvvNz+eyWH0WUwIDAQABo4IBtjCCAbIwDwYDVR0T AQH/BAUwAwEBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0P AQH/BAQDAgWgMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ29kYWRkeS5j b20vZ2RzMS0yNC5jcmwwTQYDVR0gBEYwRDBCBgtghkgBhv1tAQcXATAzMDEGCCsG AQUFBwIBFiVodHRwczovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMIGA BggrBgEFBQcBAQR0MHIwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHku Y29tLzBKBggrBgEFBQcwAoY+aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNv bS9yZXBvc2l0b3J5L2dkX2ludGVybWVkaWF0ZS5jcnQwHwYDVR0jBBgwFoAU/axh MpNsRdbi7oVfmrrndplozOcwKQYDVR0RBCIwIIIPKi53b3JkcHJlc3MuY29tgg13 b3JkcHJlc3MuY29tMB0GA1UdDgQWBBS0LxcwXRnO4OGsS52wlrTIZXaqnzANBgkq hkiG9w0BAQUFAAOCAQEAHPpi8d4ryH89h3anScdwc/i9OXXd4frvWgUTaLqR/wow y8EIINBycbNttRccmBkexPrToi0pgmk5+MUukqc8USQ1r4dIxRN2EoSH2aWKop2U eY9oA5Yl0TO2dexEyl9IUWkFTl/r77deF4HcYP++9apntxxZpxw2N+0IMwLasPgT 1JDLw4kJNwKvxBETYUqUPSGokHO5XGaFwVhcqDLLnRE/eSmfGcinzdgCFZHwW4oH Ohz0kWTHfWkSu1QaAZg/5OuO1xur8FJWyq050CxPWyBkfroMLj2jzF/wFqiLNJko 7PMeIg87UdxZlDb2e8jc+YDBz9923bBPalJoHeganA== -----END CERTIFICATE----- [B]subject=/O=*.wordpress.com/OU=Domain Control Validated/CN=*.wordpress.com [/B]issuer=/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287 --- No client certificate CA names sent --- SSL handshake has read 4829 bytes and written 465 bytes --- New, TLSv1/SSLv3, Cipher is AES256-SHA Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : AES256-SHA Session-ID: EDD77E87C842096B8792D05478FD9F9D2169C87D9658D80ECBD845111BE84127 Session-ID-ctx: Master-Key: 589F7542057E1E83EB07828BCC6F319A3E262637E2FDFC21347E3ED1BEBBA21BFA972FAF0272136ABDC6066812D0F3DD Key-Arg : None Start Time: 1339596091 Timeout : 300 (sec) Verify return code: 19 (self signed certificate in certificate chain) --- read:errno=0 hp ~ #
×
×
  • Create New...