{"id":887,"date":"2015-08-26T11:54:41","date_gmt":"2015-08-26T09:54:41","guid":{"rendered":"http:\/\/www.ub.edu\/tecnicweb\/?p=887"},"modified":"2021-05-11T09:56:39","modified_gmt":"2021-05-11T07:56:39","slug":"atacs-ddos-a-wordpress","status":"publish","type":"post","link":"https:\/\/www.ub.edu\/tecnicweb\/atacs-ddos-a-wordpress\/","title":{"rendered":"Atacs DDoS a WordPress"},"content":{"rendered":"<p>Un atac DDoS (de l&#8217;angl\u00e8s <em>distribute<\/em> <i>denial-of-service attack) <\/i>o atac de denegaci\u00f3 de servei consisteix\u00a0 en atacar a un servidor web mitjan\u00e7ant m\u00faltiples peticions err\u00f2nies, fent servir un bon nombre de m\u00e0quines atacants, per tal que el servidor augmenti el seu temps de processador i\u00a0 aix\u00ed deixi de donar servei, ja que es quedar\u00e0 sense recursos.<\/p>\n<p>En WordPress existeix el servei XML-RPC, que est\u00e0 actiu per defecte, que fa que qualsevol WordPress pugui patir un atac d&#8217;aquestes caracter\u00edstiques.<\/p>\n<p>Aquest servei XML-RPC s&#8217;utilitza b\u00e0sicament per a publicaci\u00f3 de WordPress des de dispositius m\u00f2bils i, si no s&#8217;utilitza aquesta capacitat, es recomana la seva deshabilitaci\u00f3 pels motius anteriors.<\/p>\n<p>Per deshabilitar el servei\u00a0XML-RPC existeixen varis sistemes entre ells la utilitzaci\u00f3 de plugins de seguretat que ens permeten administrar diferents caracter\u00edstiques amb l&#8217;objectiu de securitzar el nostre WordPress d&#8217;una forma gr\u00e0fica i unificada. Aix\u00ed per exemple est\u00e0:<\/p>\n<p><a href=\"https:\/\/wordpress.org\/plugins\/better-wp-security\/\">iThemes Security<\/a><\/p>\n<p>que en el seu apartat WordPress Tweaks permet deshabilitar completament el servei XML-RPC o tan sols algunes de les seves opcions.<\/p>\n<p>Podeu trobar m\u00e9s informaci\u00f3 sobre recomanacions de seguretat en WordPress a:<\/p>\n<p><a href=\"https:\/\/www.ub.edu\/tecnicweb\/guia-de-seguretat-en-wordpress\/\">https:\/\/www.ub.edu\/tecnicweb\/guia-de-seguretat-en-wordpress\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Un atac DDoS (de l&#8217;angl\u00e8s distribute denial-of-service attack) o atac de denegaci\u00f3 de servei consisteix\u00a0 en atacar a un servidor web mitjan\u00e7ant m\u00faltiples peticions err\u00f2nies, fent servir un bon nombre de m\u00e0quines atacants, per tal que el servidor augmenti el seu temps de processador i\u00a0 aix\u00ed deixi de donar servei, ja que es quedar\u00e0 sense [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[44],"tags":[32,34,37],"class_list":["post-887","post","type-post","status-publish","format-standard","hentry","category-ajuda","tag-seguretat","tag-cms","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/www.ub.edu\/tecnicweb\/wp-json\/wp\/v2\/posts\/887","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ub.edu\/tecnicweb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ub.edu\/tecnicweb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ub.edu\/tecnicweb\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ub.edu\/tecnicweb\/wp-json\/wp\/v2\/comments?post=887"}],"version-history":[{"count":7,"href":"https:\/\/www.ub.edu\/tecnicweb\/wp-json\/wp\/v2\/posts\/887\/revisions"}],"predecessor-version":[{"id":1376,"href":"https:\/\/www.ub.edu\/tecnicweb\/wp-json\/wp\/v2\/posts\/887\/revisions\/1376"}],"wp:attachment":[{"href":"https:\/\/www.ub.edu\/tecnicweb\/wp-json\/wp\/v2\/media?parent=887"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ub.edu\/tecnicweb\/wp-json\/wp\/v2\/categories?post=887"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ub.edu\/tecnicweb\/wp-json\/wp\/v2\/tags?post=887"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}