Author Archives: ChloeCon

Google Search: inurl:/wp-content/plugins/vulnerable-plugin/

Quick Reference Guide Who is this person? I am Chloe, a Threat Analyst for Wordfence. I have the following security certifications: C|EH (Certified Ethical Hacker) SSCP (System Security Certified Practitioner) Security+ CySA+ (Cybersecurity Analyst+) PenTest+ When I am not working (or while I am?), I enjoy traveling the world and exploring new places. Google Hacking. […]

Passwords are one of your biggest weaknesses. Don’t be a victim.

  Resources  Slides: https://docs.google.com/presentation/d/e/2PACX-1vTGdxKUPiMimTFYSEIou39bwNGCy6oLIy0NuIokPkLmeagmpMSGWTkJxkTWxRWehe4A8xtAZWnBGhIs/pub?start=false&loop=false&delayms=3000Video: https://wordpress.tv/2019/06/05/chloe-chamberland-passwords-are-one-of-your-biggest-weaknesses-dont-be-a-victim/https://howsecureismypassword.net/https://www.md5hashgenerator.com/https://crackstation.net/https://haveibeenpwned.com/https://1password.comhttps://www.lastpass.com/business-password-managerhttps://www.dashlane.comhttps://www.roboform.com

#WCMIA: 7 Steps to Secure your WordPress & 7 Tips to Keep it Secure Extended Cut

Quick Reference Guide Hardening General Login Configurations Disabling xmlrpc.php # Block WordPress xmlrpc.php requests<Files xmlrpc.php>order deny,allowdeny from allallow from 123.123.123.123</Files> .htpassword generator  http://www.htaccesstools.com/htpasswd-generator/  .htpasswd .htaccess code # Protect wp-login<Files wp-login.php>AuthUserFile /path/to/.htpasswdAuthName “Private access”AuthType Basicrequire user yourusername</Files> Hardening your General WordPress Configurations Disable File Editing ## Disable Editing in Dashboarddefine(‘DISALLOW_FILE_EDIT’, true); Enable WordPress Auto-Updates ## Auto […]

#WCMIA: 7 Steps to Secure your WordPress & 7 Tips to Keep it Secure

Quick Reference Guide Hardening General Login Configurations Disabling xmlrpc.php # Block WordPress xmlrpc.php requests<Files xmlrpc.php>order deny,allowdeny from allallow from 123.123.123.123</Files> .htpassword generator  http://www.htaccesstools.com/htpasswd-generator/  .htpasswd .htaccess code # Protect wp-login<Files wp-login.php>AuthUserFile /path/to/.htpasswdAuthName “Private access”AuthType Basicrequire user yourusername</Files> Hardening your General WordPress Configurations Disable File Editing ## Disable Editing in Dashboarddefine(‘DISALLOW_FILE_EDIT’, true); Enable WordPress Auto-Updates ## Auto […]