Security audit of website based on WordPress
Alto, Sergey (2017)
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2017053011039
https://urn.fi/URN:NBN:fi:amk-2017053011039
Tiivistelmä
This Bachelor’s thesis discovers how to check security level of website based on Word-Press content management system. Many websites are using WordPress CMS today; it means that security is the one of most important things to consider.
The main purpose was to collect information about possible ways of testing security level, how to predict different kind of attacks exist today and improve level of security protection.
The thesis consists of 3 parts:
Theory section, which consists of theoretical research of WordPress platform, its core com-ponents and discovering ways of possible attacks.
Empirical part, which includes information about possible attacks and security checks and design of a security testing cases.
Third part is implementation of previous part, which demonstrate methods and tools on the real website. Results are collecting and placing into final report that contains analysis of test outcomes and recommendations for security improvement. Work for thesis have done in time from March to May of 2017.
The material was collected as follows:
Online sources were used to collect ideas and build the plan of security audit.
Free and open-source tools have been used for practical implementation.
Finally, the conclusion of the thesis indicates achieved outcomes and evaluates project work.
The main purpose was to collect information about possible ways of testing security level, how to predict different kind of attacks exist today and improve level of security protection.
The thesis consists of 3 parts:
Theory section, which consists of theoretical research of WordPress platform, its core com-ponents and discovering ways of possible attacks.
Empirical part, which includes information about possible attacks and security checks and design of a security testing cases.
Third part is implementation of previous part, which demonstrate methods and tools on the real website. Results are collecting and placing into final report that contains analysis of test outcomes and recommendations for security improvement. Work for thesis have done in time from March to May of 2017.
The material was collected as follows:
Online sources were used to collect ideas and build the plan of security audit.
Free and open-source tools have been used for practical implementation.
Finally, the conclusion of the thesis indicates achieved outcomes and evaluates project work.