Hi,
How to prevent execution of scripts and defacing a vulnerable websites
Ips , for example a wordpress site
Thanks
If using just Fortigate IPS, look at the list of vulnerabilities it can protect from - https://fortiguard.com/search?q=wordpress&engine=1 to see if it is enough for your case .
Anti-Defacement is a feature of Fortiweb only - when enabled it watches for the website unauthorized changes, and if found any - re-uploads the saved copy of the website to the server.
Update the WordPress site.
Start with the underlying host architecture. Ensure that the host updates their platform. Then change your PHP version to latest. If you don't see PHP 7.4+ you will need to open a support ticket with the host and tell them you need the latest version of PHP because you got hacked due to their insecure platform. Completely wipe the site. Install the latest version of WordPress fresh. Update WordPress and all plugins. Only after everything is at the latest version then you can restore from a backup taken before the system was hacked. Only restore the DB and Content, do not restore the insecure version of WordPress itself. Ensure to update everything again after the restore. Install a WordPress security plugin.
If you actually did prevent the execution of scripts it would make the site inoperable. If you want a site that doesn't run any scripting then stop using WordPress. Make a pure HTML5 based site. That is the only way.
If you don't understand any of these steps then it's time to hire a professional.
Hi,
Changing flow mode to proxy mode will give any benefits ?
Thanks
Against web defacing and such? Nope
Hi,
Is there a way to stop uploading scripts to the web server ?
How can I stop scanning using kali ?
Thanks
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.