查找wordpress端口
Often we get asked by our users, is there a way to scan your WordPress site for potentially malicious code? The answer to that question is YES, YES, and YES. There are both free and paid tools available to scan your WordPress site for potentially malicious or unwanted code. Usually, malware and malicious code can go unnoticed for a long time unless you regularly scan your website. In this article, we will show you how to easily scan your WordPress site for malware and potentially malicious code.
用户经常会问我们,有没有一种方法可以扫描您的WordPress网站中是否存在潜在的恶意代码? 该问题的答案是“是”,“是”和“是”。 有免费和付费工具可用于扫描WordPress网站以查找潜在的恶意或有害代码。 通常,除非您定期扫描网站,否则恶意软件和恶意代码可能会在很长一段时间内不被注意。 在本文中,我们将向您展示如何轻松扫描WordPress网站中的恶意软件和潜在的恶意代码。
什么时候扫描WordPress网站中的恶意软件和恶意代码? (When To Scan Your WordPress Site for Malware and Malicious Code?)
The best time to scan your WordPress site for malware and malicious code is now. Many beginners don’t install a WordPress security scanner right away, this means that a malware or malicious code injection can go unnoticed for a long time.
现在是扫描WordPress网站上是否有恶意软件和恶意代码的最佳时机。 许多初学者不会立即安装WordPress安全扫描程序 ,这意味着恶意软件或恶意代码注入可能会在很长一段时间内被忽略。
Many users don’t notice anything until some telltale signs make them suspicious. See our list of common signs that your WordPress site is hacked.
许多用户直到一些明显的迹象使他们变得可疑之前才注意到任何东西。 请参阅我们的常见迹象列表, 表明您的WordPress网站已被黑客入侵 。
Even if your WordPress site is not hacked or affected, you should still learn how to scan your WordPress site for malicious code. It will help you protect your website against future attacks.
即使您的WordPress网站未遭到黑客入侵或受影响,您仍应学习如何扫描WordPress网站中的恶意代码。 它将帮助您保护您的网站免受日后的攻击。
Most importantly, you can improve WordPress security to protect your WordPress site like a total pro (it doesn’t require any technical skills).
最重要的是,您可以提高WordPress的安全性,以像全面专家一样保护WordPress网站(不需要任何技术技能)。
That being said, let’s take a look at how to thoroughly scan your WordPress site for potentially malicious code.
话虽如此,让我们看一下如何彻底扫描WordPress网站中是否存在潜在的恶意代码。
1. Sucuri (1. Sucuri)
Sucuri is the industry leader in WordPress security. They are a paid service but offer limited WordPress scanning feature for free.
Sucuri是WordPress安全领域的行业领导者。 他们是一项付费服务,但免费提供有限的WordPress扫描功能。
To quickly scan your website, you need to install and activate the free Sucuri Security plugin. For more details, see our step by step guide on how to install a WordPress plugin.
要快速扫描您的网站,您需要安装并激活免费的Sucuri Security插件。 有关更多详细信息,请参阅有关如何安装WordPress插件的分步指南。
The plugin checks your WordPress files to see if they are changed. It also scans for possible malicious code, iframes, links, and suspicious activity.
该插件会检查您的WordPress文件,以查看它们是否已更改。 它还会扫描可能的恶意代码,iframe,链接和可疑活动。
The real value comes from their paid plans which come with the best WordPress firewall protection. Their DNS level website application firewall blocks any suspicious activity or malware even before it reaches your website.
真正的价值来自于他们的付费计划,该计划带有最好的WordPress防火墙保护。 他们的DNS级网站应用程序防火墙甚至可以阻止任何可疑的活动或恶意软件进入您的网站。
We recommend using a DNS level website firewall because it is more effective. Sucuri firewall also serves your website static content through their own CDN which gives you a significant performance boost and improves WordPress speed.
我们建议使用DNS级别的网站防火墙,因为它更有效。 Sucuri防火墙还通过其自己的CDN为您的网站提供静态内容,从而显着提高性能并提高WordPress速度 。
Most importantly, if your website gets affected, then Sucuri experts will clean your website at no additional cost. Cleaning a hacked WordPress site is quite difficult even for experienced WordPress users. Knowing that you have real security experts available to clean your website is a huge peace of mind for business owners.
最重要的是,如果您的网站受到影响,那么Sucuri专家将免费清洁您的网站。 即使有经验的WordPress用户,清理被黑客入侵的WordPress网站也非常困难。 知道您有真正的安全专家可以清理您的网站,对于企业所有者来说,这是极大的安心。
We use Sucuri on our website. To learn more see our complete Sucuri review.
我们在我们的网站上使用Sucuri。 要了解更多信息,请参阅我们完整的Sucuri评论 。
2. Wordfence (2. Wordfence)
Wordfence is another popular WordPress security plugin which allows you to easily scan your WordPress site for suspicious code, backdoors, malicious URLs, and known patterns of infections.
Wordfence是另一个流行的WordPress安全插件,它使您可以轻松地扫描WordPress网站中的可疑代码,后门,恶意URL和已知感染模式。
It automatically scans your website in the background, and you can also manually initiate a scan at any time.
它会在后台自动扫描您的网站,也可以随时手动启动扫描。
You will be able to see the progress of the scan in the yellow boxes on the scan page. Once the scan is finished, Wordfence will show you the results.
您将能够在扫描页面的黄色框中看到扫描进度。 扫描完成后,Wordfence将为您显示结果。
It will notify you if it found any suspicious code, infections, malware, or corrupted files on your website. It will also recommend actions you can take to fix those issues.
如果在您的网站上发现任何可疑代码,感染,恶意软件或损坏的文件,它将通知您。 它还将建议您可以采取的解决这些问题的措施。
Wordfence also comes with an application level firewall. This firewall helps you prevent brute force attacks and hacking. However, it runs on your website which makes it a little less effective.
Wordfence还带有应用程序级防火墙。 此防火墙可帮助您防止暴力攻击和黑客攻击。 但是,它在您的网站上运行,因此效果不太好。
For more details, see our step by step guide on how to install and setup Wordfence security in WordPress.
有关更多详细信息,请参阅有关如何在WordPress中安装和设置Wordfence安全性的分步指南。
3.反恶意软件的安全性 (3. Anti-Malware Security)
Anti-Malware Security is another very powerful WordPress security plugin which can help you to scan WordPress for malicious code and malware.
Anti-Malware Security是另一个功能非常强大的WordPress安全插件,可以帮助您扫描WordPress中的恶意代码和恶意软件。
The plugin looks for suspicious code, scripts, .htaccess threats, backdoors, and known-patterns of infections in all folders and files of your website. It performs a comprehensive scan which may take a while to finish.
该插件可在您网站的所有文件夹和文件中查找可疑代码,脚本,.htaccess威胁,后门和已知感染模式。 它执行全面扫描,可能需要一段时间才能完成。
The plugin author actively maintains definitions which means that they are continuously improving to detect new threats as they are discovered.
插件作者会积极维护定义,这意味着它们会不断改进以发现新的威胁。
Keep in mind that the plugin may show a lot of potential threats which are actually false positives. You will have to manually compare those files to source files which could be a lot of work.
请记住,该插件可能显示许多潜在威胁,这些威胁实际上是误报。 您将不得不手动将这些文件与源文件进行比较,这可能需要很多工作。
It also includes a firewall option. The firewall is actually a software level firewall which is less effective than a DNS level firewall.
它还包括防火墙选项。 防火墙实际上是软件级别的防火墙,其效率不如DNS级别的防火墙。
如何清除WordPress中的恶意软件或可疑代码? (How to Clean up Malware or Suspicious Code in WordPress?)
The first thing you need to do is to immediately change all your WordPress passwords. This includes your WordPress user accounts, WordPress hosting account, FTP or SSH user accounts, and your WordPress database password.
您需要做的第一件事是立即更改所有WordPress密码。 这包括您的WordPress用户帐户, WordPress托管帐户 ,FTP或SSH用户帐户以及WordPress数据库密码。
This ensures that if one of these passwords was compromised, then the hackers will not be able to use it to regain access.
这样可以确保如果其中一个密码被泄露,则黑客将无法使用它来重新获得访问权限。
Next, you need to create a complete WordPress backup by either using a plugin or manually through phpMyAdmin and FTP. This step ensures that if something happens during the cleanup, you can still revert back to the infected state of your website.
接下来,您需要使用插件或通过phpMyAdmin和FTP手动创建完整的WordPress备份 。 此步骤可确保如果在清理过程中发生了某些情况,您仍然可以恢复到网站的受感染状态。
After that, we recommend hiring a WordPress security professional to clean the website for you. We recommend Sucuri, each of their paid plans include malware removal service. Even if your website is already affected, they will clean it for you.
之后,我们建议雇用WordPress安全专家来为您清理网站。 我们建议Sucuri ,他们的每个付费计划都包括恶意软件删除服务。 即使您的网站已经受到影响,他们也会为您清除它。
You can also try to clean it yourself. It is difficult work and may take a lot of your time. Stay calm and follow the instructions in our step by step guide on how to fix a hacked WordPress website for beginners.
您也可以尝试自己清洁它。 这是一项艰巨的工作,可能会花费您很多时间。 请保持镇静,并按照分步指南中的说明为初学者修复如何修复被黑的WordPress网站 。
We hope this article helped you learn how to scan your WordPress site for malware and potentially malicious code. You may also want to see our guide on fixing a backdoor in a hacked WordPress site.
我们希望本文能帮助您学习如何扫描WordPress网站上的恶意软件和潜在恶意代码。 您可能还希望查看有关在被黑的WordPress网站中修复后门的指南。
If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.
如果您喜欢这篇文章,请订阅我们的YouTube频道 WordPress视频教程。 您也可以在Twitter和Facebook上找到我们。
翻译自: https://www.wpbeginner.com/plugins/how-to-scan-your-wordpress-site-for-potentially-malicious-code/
查找wordpress端口
8556
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
