blocks|key|482140|text|你不能在共享主机上安装一个真正的IDS，这是主机的责任。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|482141|一个类似黑客的解决方案：|482142|您可以创建一个定期运行的脚本(使用cron或其他机制)，该脚本将对所有文件进行校验和，并将校验和与以前存储的记录进行比较，如果存在差异，则通知您。|482143|要查明您的脚本本身是否已被攻击删除(1)，您还必须在远程服务器(可能类似于Google+App+Engine+)上创建一个脚本，该脚本ping您的共享服务器脚本，并检查它是否获得预期的结果(可能是基于给定时间的散列)- if否，它会发送电子邮件给您。|482144|(1)这实际上不太可能，大多数攻击都不会删除文件|482145|entityMap^0|0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|L|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|M|8|@]|9|@]|A|$]]|$1|D|3|E|5|6|7|N|8|@]|9|@]|A|$]]|$1|F|3|G|5|6|7|O|8|@]|9|@]|A|$]]|$1|H|3|I|5|6|7|P|8|@]|9|@]|A|$]]|$1|J|3|-4|5|6|7|Q|8|@]|9|@]|A|$]]]|K|$]]

You can't install a true IDS on shared hosting, this is the host's responsibility.

An hack-ish solution:

You could create a script that ran periodically (using cron or some other mechanism), that would checksum all files, and compare the checksums with a previously stored record, then notify you if there are differences.

To find out if your script itself was deleted by the attack (1), you must also create a script sitting on a remote server (something like Google App Engine, perhaps), that pings your shared-server-script, and checks if it gets an expected result (a hash based on given time, perhaps) – if not, it emails you.

(1) This is actually quite unlikely, most attacks don't delete files

blocks|key|2797570|text|http://www.la-samhna.de/samhain/|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|2797571|然而，这不适用于共享主机，因此您需要一个vps或一个专用服务器|2797572|entityMap|0|LINK|mutability|MUTABLE|url^0|0|W|0|0|0^^$0|@$1|2|3|4|5|6|7|M|8|@]|9|@$A|N|B|O|1|P]]|C|$]]|$1|D|3|E|5|6|7|Q|8|@]|9|@]|C|$]]|$1|F|3|-4|5|6|7|R|8|@]|9|@]|C|$]]]|G|$H|$5|I|J|K|C|$L|4]]]]

<a href="http://www.la-samhna.de/samhain/" rel="nofollow noreferrer">http://www.la-samhna.de/samhain/</a>

However this won't work on shared hosting, so you'll need either a vps or a dedicated server

blocks|key|835327|text|我以前用过Tripwire。它真的工作得很好。...its不是免费软件。您可以通过搜索术语"IDS“或”入侵检测系统“找到一些不错的选项|type|unstyled|depth|inlineStyleRanges|entityRanges|data|835328|entityMap^0|0^^$0|@$1|2|3|4|5|6|7|D|8|@]|9|@]|A|$]]|$1|B|3|-4|5|6|7|E|8|@]|9|@]|A|$]]]|C|$]]

I've used Tripwire before. It worked really well. ...its not freeware.
You could find some good options by searching the term "IDS" or "Intrusion Detection System"

blocks|key|482306|text|我赞同上面Joel+L的建议--通常，任何cron作业输出都会通过电子邮件发送到您在设置cron作业时选择的地址。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|482307|如果你很少改变主题或插件，那么这是一个很好的选择。|482308|当您进行更改时，您可以只更新“基线”校验和值。|482309|我需要检查静音尖叫器插件，不过，这可能是最好的。|482310|entityMap^0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|J|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|K|8|@]|9|@]|A|$]]|$1|D|3|E|5|6|7|L|8|@]|9|@]|A|$]]|$1|F|3|G|5|6|7|M|8|@]|9|@]|A|$]]|$1|H|3|-4|5|6|7|N|8|@]|9|@]|A|$]]]|I|$]]

I second the suggestion of Joel L above - usually any cron job output is emailed to the address you pick when you set up the cron job. 

If you rarely change themes or plugins, then this is a good way to go. 

When you do make a change, you can just update the "baseline" checksum values. 

I need to check out the mute screamer plugin, though, that may be best.

blocks|key|482099|text|最好的免费和开源的网络应用入侵防御系统(如在网络应用防火墙中)是Mod_Security。但任何系统都无法阻止这一切。尤其是Wordpress，因为它的不安全而获得了pwnie+award奖。我会认真考虑放弃Wodrpess，转而使用其他博客引擎。|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|482100|如果你在一个共享主机环境中，另一个最适合的选择是使用PHP-IDS。这个名字有点欺骗性，它实际上是一个基于IPS的正则表达式。PHP-IDS使用的所有正则表达式都已移植到Mod_Security。Mod_Security提供了更好的保护(Ips)和日志记录(Ids)级别。|482101|entityMap|0|LINK|mutability|MUTABLE|url|http://www.modsecurity.org/|1|http://pwnie-awards.org/2008/awards.html|2|http://php-ids.org/^0|W|C|0|2B|B|1|0|Q|7|2|0^^$0|@$1|2|3|4|5|6|7|R|8|@]|9|@$A|S|B|T|1|U]|$A|V|B|W|1|X]]|C|$]]|$1|D|3|E|5|6|7|Y|8|@]|9|@$A|Z|B|10|1|11]]|C|$]]|$1|F|3|-4|5|6|7|12|8|@]|9|@]|C|$]]]|G|$H|$5|I|J|K|C|$L|M]]|N|$5|I|J|K|C|$L|O]]|P|$5|I|J|K|C|$L|Q]]]]

The best free and open source Intrusion Prevention System (IPS) for web application (as in a Web Application Firewall WAF) is <a href="http://www.modsecurity.org/" rel="nofollow noreferrer">Mod_Security</a>. But no system will stop it all. Espically with Wordpress because it won a <a href="http://pwnie-awards.org/2008/awards.html" rel="nofollow noreferrer">pwnie award</a> for being so insecure. I would think seriously about ditching Wodrpess for any other blog engine.

Another option which is best suited if you are in a shared hosting enviroment is to use <a href="http://php-ids.org/" rel="nofollow noreferrer">PHP-IDS</a>. The name is a bit deceptive, its actually a regular expression based IPS. All of the regular expressions used by PHP-IDS have been ported to Mod_Security. Mod_Security provides a much better level of protection(ips) and logging(ids).

blocks|key|835385|text|我最初在一篇关于菜鸟答案的评论中写下了这篇文章，但它可能会迷失在那些嘈杂的声音中；|type|unstyled|depth|inlineStyleRanges|entityRanges|data|835386|tripwire+phpid确实看起来很有趣，因为它可以在共享服务器托管环境中使用，而这通常不会是|835387|或mod_security的情况。|blockquote|835388|835389|有趣的是，there+is+a+wordpress+++plugin+which+nicely+integrates+(an+++older+version+of)+phpids+in+++wordpress，所以这可能值得研究一下。|offset|length|835390|entityMap|0|LINK|mutability|MUTABLE|url|http://blogsecurity.net/wordpress/wpids-v012-officially-released^0|0|0|0|0|5|2R|0|0^^$0|@$1|2|3|4|5|6|7|T|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|U|8|@]|9|@]|A|$]]|$1|D|3|E|5|F|7|V|8|@]|9|@]|A|$]]|$1|G|3|-4|5|6|7|W|8|@]|9|@]|A|$]]|$1|H|3|I|5|6|7|X|8|@]|9|@$J|Y|K|Z|1|10]]|A|$]]|$1|L|3|-4|5|6|7|11|8|@]|9|@]|A|$]]]|M|$N|$5|O|P|Q|A|$R|S]]]]

i originally wrote this in a comment on the rook's answer, but it might get lost in all that noise;

<blockquote>
 phpids indeed looks interesting as it can 
 be used in a shared server hosting
 environment, which in general will 
 not be the case for tripwire or mod_security.
 
 interestingly, <a href="http://blogsecurity.net/wordpress/wpids-v012-officially-released" rel="nofollow noreferrer">there is a wordpress
 plugin which nicely integrates (an
 older version of) phpids in
 wordpress</a>, so that might be worth
 looking into.
</blockquote>

blocks|key|4263593|text|我认为这可能是因为WordPress的安全漏洞一旦被发现就会很快被修补。这确实意味着任何运行安装的人都必须关注新版本，并尽快安装它们。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|4263594|entityMap^0|0^^$0|@$1|2|3|4|5|6|7|D|8|@]|9|@]|A|$]]|$1|B|3|-4|5|6|7|E|8|@]|9|@]|A|$]]]|C|$]]

Rook: I think it is probably because WordPress security flaws get patched quickly once discovered. This do mean that anyone running an install must watch for new releases and install them as quickly as they can.

blocks|key|482279|text|你可以使用subversion/git/etc对站点进行版本控制--做一个简单的'svn+status‘或'git+status’就能让你知道源文件是否发生了变化--但是它显然不会捕捉到有人可能对数据库内容所做的任何修改，而且当有人更新插件(或wordpress本身)时，它会变得有点混乱--因为很多东西都会发生变化。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|482280|entityMap^0|0^^$0|@$1|2|3|4|5|6|7|D|8|@]|9|@]|A|$]]|$1|B|3|-4|5|6|7|E|8|@]|9|@]|A|$]]]|C|$]]

You could version the site with subversion/git/etc - doing a simple 'svn status' or 'git status' would allow you to tell if the source files had changed - however it obviously won't catch any modifications someone may have made to the database content, and it'll get a little messy when someone updates plugins (or wordpress itself) - as so much will have changed.

blocks|key|835471|text|了解http://www.guardio.net正常运行时间和文件完整性监视|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|835472|entityMap|0|LINK|mutability|MUTABLE|url|http://www.guardio.net/^0|2|M|0|0^^$0|@$1|2|3|4|5|6|7|L|8|@]|9|@$A|M|B|N|1|O]]|C|$]]|$1|D|3|-4|5|6|7|P|8|@]|9|@]|C|$]]]|E|$F|$5|G|H|I|C|$J|K]]]]

take a look at <a href="http://www.guardio.net" rel="nofollow">http://www.guardio.net</a> uptime and file integrity monitoring

With the current <a href="http://wordpress.org/development/2010/04/file-permissions/" rel="nofollow noreferrer">issues with Network Solutions sites being hacked</a>, I'm in need of a tool (preferably freeware) that I can install into my site and it will email me the second a file change/update occurs.

Any recommendations welcome :)

This site is on a shared server hosting package.

Intrusion Detection System for WordPress sites

翻译质量差，导致语言生硬或混乱。

没有提供实际的解决方法或示例。

解答不清晰，无法理解或解决问题。

页面排版不美观，阅读体验差。

文章

问答

视频

教程

学习中心

腾讯云实验室

直播

竞赛

腾讯云代码分析专区

腾讯iOA零信任安全管理系统专区

腾讯云架构师技术同盟交流圈

腾讯云数据库专区

腾讯云智能顾问专区

腾讯云原生专区

腾讯混元专区

腾讯云TCE专区

腾讯云Lighthouse专区

腾讯云HAI专区

腾讯云Edgeone专区

腾讯云存储专区

腾讯云智能专区

腾讯轻联专区 

腾讯云开发专区

TAPD专区

腾讯轻量云游戏服专区

腾讯云最具价值专家

腾讯云架构师技术同盟

腾讯云创作之星

腾讯云开发者先锋

腾讯云AI代码助手

云原生构建

TAPD 敏捷项目管理

Cloud Studio

SDK中心

API中心

命令行工具

功能1上新10个字符

功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符。

功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符。

功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符

功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符

功能4上新

文章&问答评论现已支持表情

全新交互，全新视觉，新增快捷键、悬浮工具栏、高亮块等功能并同时优化现有功能，全面提升创作效率和体验

社区富文本编辑器全新改版！诚邀体验～ 

精选全网热门MCP server，让你的AI更好用 🚀

💥开发者 MCP广场重磅上线！

涵盖代码开发、场景应用、自动测试全流程，助你从零构建专属AI助手

一站式MCP教程库，解锁AI应用新玩法

聚焦“写作效率、视觉美观与运行性能”三方面进行全面升级，为您提供更高效、稳定的创作环境

社区富文本&Markdown编辑器全新改版上线，欢迎大家体验!

诚挚邀请您参与本次调研，分享您的真实使用感受与建议。您的反馈至关重要，感谢您的支持与参与！

社区新版编辑器体验调研

有了目前的，我需要一个工具(最好是免费软件)，我可以安装到我的网站上，它会在文件更改/更新发生的第二时间给我发电子邮件。欢迎任何建议:)此网站位于共享服务器托管包上。

问面向WordPress站点的入侵检测系统
EN

回答 9

Stack Overflow用户

Stack Overflow用户

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问面向WordPress站点的入侵检测系统EN

回答 9

Stack Overflow用户

Stack Overflow用户

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问面向WordPress站点的入侵检测系统
EN