Great Plugin

Viewing 11 replies - 1 through 11 (of 11 total)

  • Hi
    Honestly, no clue.
    Do you have access to your webservers logfiles,
    I guess they can provide some debug information

    best regards
    Henrik Schack

    Thread Starter 344kellogg

    (@344kellogg)

    I use Code Guard to backup my sites. If I do a full site restore to yesterday would that overwrite anything I added today (including the Google Authenticator plugin)?

    Yes, but a simpler solution would be to use ftp to remove the google-authenticator folder

    best regards
    Henrik Schack

    Thread Starter 344kellogg

    (@344kellogg)

    Oh ok. I’ll do that. Thanks.

    I would really like to dig into this, would you care to email me a list of your active plugins?
    and if you can get your hands on some logfiles that would also be helpful.

    I can be reached at: henrik at schack dot dk

    Br Henrik Schack

    Thread Starter 344kellogg

    (@344kellogg)

    I got it working. Thanks for the help though. It was my fault…I didn’t read the instructions carefully enough! Everything is up and running. It works great.

    Great ??

    Thread Starter 344kellogg

    (@344kellogg)

    I have a question. Is gaining access to someone’s username/password the biggest threat to the security of a WordPress site? Or are there other, equally, vulnerable areas? I’m trying to understand security better. For example, a couple years ago, I had one of my WordPress sites hacked somehow and a bunch of PHP code injections were added to multiple files. It was a nightmare. But I don’t think they got in through my username/password (at least that’s what I was told by Rackspace who I was hosting with at the time).

    May I ask what went wrong ? Would like to avoid 2 star reviews if it’s something I can prevent in the plugin ??

    Best regards
    Henrik Schack

    Hi
    Access to username/password is a problem.
    A lot of WordPress installations have the default username “admin” active, so actually you only have to guess the password, in such a case two factor authentication could increase security a great deal.
    There are a few plugins available that can fix some of this stuff, ie rename the admin user rename the default table names etc.

    Always keeping your WordPress installation and plugins up2date with the latest versions is also very important, everyone makes mistakes from time to time that needs fixing.

    A different approach could be to use an application firewall, Naxsi for the nginx webserver looks nice, but I haven’t tried it myself
    https://www.owasp.org/index.php/OWASP_NAXSI_Project

    Best regards
    Henrik Schack

    Thread Starter 344kellogg

    (@344kellogg)

    Thanks for the info.

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Great Plugin’ is closed to new replies.