One place for hosting & domains

      DigitalOcean

      How to Troubleshoot and Fix a Brute-Force Attack in WordPress on a DigitalOcean Droplet


      Introduction

      While running a WordPress installation through a hosting service can be a convenient way to start a website, it’s not without security vulnerabilities that may sometimes be hard to troubleshoot. Brute-force attacks, cyberattacks that rapidly work to guess and access personal information like logins or passwords, happen when these vulnerabilities are exploited, and can sometimes originate from your website.

      When facing brute-force attacks from your Droplets on DigitalOcean, it’s imperative to remove the threat quickly. While there are a number of ways to identify and remove compromised files vulnerable to attack, this tutorial aims to provide you with some steps to help you detect, resolve, and secure your WordPress installation(s) across DigitalOcean Droplets from vulnerabilities in the future.

      Step 1: Identify the Source of the Brute-Force Attack

      The first step in troubleshooting an issue with a brute-force attack initiated from your Droplet is to identify the malware responsible for the malicious traffic. There are numerous tools and options available, but ClamAV ( http://www.clamav.net/ ) is a good tool to initially attempt to identify and remove the malware.

      Most Linux distributions have ClamAV in their package management system, and typically you’ll need to install ClamAV and then run it.

      • For Ubuntu, Debian, and most Debian-based distributions, you can run:
      • sudo apt-get install clamav clamav-daemon
      • For CentOS 8 you need to enable the EPEL ( https://fedoraproject.org/wiki/EPEL ) repo, which is an official repository of packages supported by the Fedora project, and then install ClamAV.

      You can do so with a single command:

      • dnf --enablerepo=epel -y install clamav clamav-update

      Once ClamAV is installed, you can scan your system with:

      • clamscan --infected --recursive /path/to/wordpress/sites

      Replace the highlighted path with the correct path for your WordPress site. The --recursive parameter will make sure that the command is configured to recurse through subdirectories, and the path we used in this example points to the root folder where all WordPress installations are located. This way, with a single command you can scan all your WordPress sites. ClamAV will then return a list of all files it finds suspicious, but will not take any action yet. After investigating which files ClamAV detected as suspicious and confirming they can be safely removed without causing further damage to your system, you might want to re-run the command with the --remove option to remove the infected files.

      Note:
      --remove will delete any files it finds suspicious with no input from you, so it is NOT RECOMMENDED to run with --remove as your first scan until you can confirm the results.

      In cases where ClamAV does not find any malware, you will need to manually investigate and find the malware. While there are several ways to do this, a good starting point is to find and identify any recently uploaded files, based on the file’s timestamp information.

      To do this, use the ‘find’ command:

      • find /path/to/wordpress/site -mtime -DAYS

      To use this command, replace the /path/to/wordpress/site with the file path to your WordPress site, and -DAYS with how many days to go back. For example, if you wanted to look back 1 day, it would be -1; to look back 10 days, it would be -10.

      Take time to investigate any files that were uploaded or modified that you’re unaware of.

      Step 2: Update your WordPress Installation

      After identifying the malware, the next step to preventing malicious attacks from reoccurring is to update your WordPress installation. It’s wise to patch WordPress and any themes or plugins installed, to ensure that, if the compromise was in a plugin or theme’s install directory, you have removed and reinstalled that plugin or theme. You may be able to remove all malicious files, but in most cases, a clean installation of a compromised component is preferred.

      You can perform these updates from within WordPress’ administration UI in most cases, which doesn’t require the use of any additional tools. WordPress also offers an automatic update option that you’re encouraged to enable in order to reduce the time your websites might be vulnerable to newly discovered security issues.

      Another helpful piece of advice in preventing malicious attacks is to update all components, even the ones that are marked as inactive. In some situations, even disabled plugins and themes may be accessible and able to be compromised if not kept updated. If you’re sure you don’t need a theme or plugin, the best course of action would be to remove it in its entirety.

      In some cases, a theme or plugin may be abandoned by the author, and while you have the most recent version installed, the plugin or theme may have an issue that has not been fixed. In this case, you may need to consider other options for substituting the abandoned component that is currently updated, but was still the source of a compromise.

      Step 3: Secure Your WordPress Installation Against Malicious Attacks

      Once you have both removed any malicious files and ensured all components are updated, it’s time to secure your WordPress installation. The next step we recommend is to change all passwords for users that have access to the administration UI, especially those that have full admin rights, or the ability to upload or modify file contents.

      Checking your filesystem permissions if you’re not aware of the current configuration is also an important step in securing your WordPress installation, as the wrong permissions can allow file read and write access you didn’t intend. WordPress provides a good outline of what the settings should be and how to update them here.

      As a step in securing your Droplet’s installation, you can also install a plugin to limit the amount of failed login attempts, which dramatically reduces the risk of brute force attacks. The wp-limit-login-attempts plugin is a popular option to use.

      Finally, consider using a WordPress security plugin like Jetpack or Wordfence. These plugins help actively combat intrusion attempts and provide a final layer of security to ensure that your site is only used for what you intend.

      An alternative to using a server-side plugin like Jetpack or Wordfence would be to investigate if Cloudflare’s caching and Web Application Firewall (WAF) service might be a good fit for your specific use case. To learn more about this option, check out CloudFlare’s documentation.

      Conclusion

      Navigating troubleshooting options when brute-force attacks originate from your Droplets can be cumbersome, but in this tutorial, we shared some steps to help you detect, resolve, and secure your WordPress installation(s) across Droplets. For more security-related information to help manage Droplets, check out our Recommended Security Measures article.



      Source link

      How To Build A Website With HTML: A DigitalOcean Workshop Kit


      How To Build a Website With HTML Workshop Kit Materials

      This workshop kit is designed to help an instructor guide an audience without a background in web development through the steps of recreating and personalizing this HTML website from start to finish in roughly ninety minutes. Attendees will finish the workshop with an understanding of HTML and a personal website ready to deploy to the cloud.

      No prior coding experience is assumed on the part of the audience. Instructors without HTML experience should be able to teach the course after reviewing the material first.

      The aim of this workshop kit is to provide a complete set of resources for a speaker to host a workshop on building a website with HTML. It includes:

      • Slides and speaker notes that lead participants through setting up their website project, hands-on exercises, and conceptual explanations.
      • An online tutorial series with copyable code snippets, conceptual overviews, and additional HTML lessons and tips for further customizing the project website.
      • A demonstration website to show participants what they will build by the end of the workshop.

      This workshop kit page is intended to help instructors prepare for the workshop and provide a starting point for students. Instructors should point students to this page so they can have access to the slides (which contain useful links), the supplementary tutorial series, and the demonstration website.

      If desired, students can prepare for the workshop by reading the introduction below and making sure that they have the prerequisites ready before the workshop starts.

      Introduction

      If you are interested in learning how to build and design websites, Hyper Text Markup Language (HTML) is a great place to start. This project-based tutorial series will introduce you to HTML and its methods by building a personal website using our demonstration site (below) as a model. Once you learn the fundamentals, you will know how change the website’s design and add personalized content. No prior coding experience is necessary to follow along the tutorials in this series.

      This gif illustrate a scroll through our demonstration site

      HTML is the standard markup language used to display documents in a web browser. First developed by Tim Berners Lee in 1990 while working at the European Organization for Nuclear Research (CERN), HTML was one of the key innovative technologies used to publish the world’s first website on August 6, 1991. Thanks to a restoration project by CERN, you can now revisit the original website. Since that time, HTML has been significantly updated and expanded but its basic purpose to format and structure web pages remains the same.

      Today, HTML is one of many tools used to build the web. Knowing how to write HTML will provide a strong foundation for your career as a web designer and prepare you to learn additional front-end web development skills like CSS and JavaScript.

      In this workshop, you’ll learn how to create and customize a website using common HTML tags and techniques. After finishing workshop, you’ll have a site ready to deploy to the cloud.

      Prerequisites

      • A code editor like Visual Studio Code or Atom. For this tutorial series, we will be using Visual Studio Code as our default code editor but you may use any code editor you like. Certain instructions may need to be slightly modified if you use a different editor.
      • A web browser like Firefox or Chrome. We will be using Firefox as our default browser but you may use any browser you like. Certain instructions may need to be slightly modified if you use a different web browser.
      • Two different profile photos, images, or avatars for personalizing your site (optional).

      Once you have your prerequisites ready, you will be ready to begin the workshop. Follow along with the speaker slides and the online tutorial series for copyable code snippets, conceptual overviews, and additional HTML lessons and tips for further customizing your project website.



      Source link

      Kubernetes Made Simple: An Overview of DigitalOcean Kubernetes


      How to Join

      This Tech Talk is free and open to everyone. Register below to get a link to join the live event.

      Format Date RSVP
      Presentation + Q&A Wednesday, August 5, 2020, 1:00–2:00 p.m. ET

      If you can’t join us live, the video recording will be published here as soon as it’s available.

      About the Talk

      Kubernetes is hard. In our spirit for all things simple, a team of engineers and designers at DigitalOcean set out to create a Kubernetes experience that developers can love. They built features that help you go from zero to running applications as quickly as possible, without the hassle of management and maintenance.

      Hear from Phil Dougherty, Senior Product Manager at DigitalOcean, who will walk through how you can easily set up your own Kubernetes cluster.

      What You’ll Learn

      • How DigitalOcean Kubernetes (DOKS) was developed
      • How DigitalOcean uses DOKS internally
      • How to set up a Kubernetes cluster with DOKS
      • DOKS product roadmap

      Prerequisites

      Beginner knowledge of Kubernetes



      Source link