Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
As stated in your previous topic, all we can suggest is that you review http://wordpress.org/news/category/security/
that give steps on how to execute the attacks
It’s not like we are going to advertise how to hack WordPress. That would be highly unprofessional and more than a little stupid.
steps on how to mitigate against them
Have you reviewed Hardening_WordPress?
i appreciate the help but even having to backtrack for me will be a difficult task, i am a complete novice in IT security and i am only sticking my degree out because i’m so close to the end and it’d be a waste otherwise. however thanks for your support guys.
Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
So you found your answer?
Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
What is the question again, can you rephrase it?
like where you said i can backtrack from the solutions to exploits, i am going to have great difficulty with this. For example obviously for my project i’ve had to do initial research, so i provided a few examples of exploits that have occurred. one of which is: SQL commands via the ‘post_type’ parameter which sends to the ‘pingback.extentions.getpingbacks’ process. so i have looked up this on google and i don’t even know what these processes/methods are for, let alone being able to perform/mitigate against.
so saying to backtrack is going to be difficult because i literally understand very little.
i probably sound really stupid and you’re wondering why i’m doing IT security but as i said i just want to get it done and move on.
thanks
Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
The resources I linked have not been written for a technical audience, so you should be fine.
okay thanks andrew, appreciate the help and i’ll have a look through them. if i have any queries is it okay to post here again?