Monthly
Annual (Save 20%)
Basic
$15 $0 per month
Most popular
Standard
$55 $5 per month
Pro
$99 $29 per month
Basic
$150 $0 per year
Most popular
Standard
$550 $50 per year
Pro
$990 $290 per year
Frequently asked questions
The Open Web Application Security Project® (OWASP) is a nonprofit organization dedicated to improving software security. The OWASP Foundation is a hub for developers and technologists working to secure the web, with hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences.
The OWASP Top 10 is a frequently updated report that outlines security vulnerabilities in web applications, focusing on the 10 most critical threats. The research is compiled by a team of security experts from around the world. OWASP refers to the Top 10 as an "awareness document" and recommends that all companies incorporate the report into their processes to avoid or mitigate security threats.
The latest OWASP Top 10 list is available here: https://owasp.org/Top10/
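Detects and defends against the latest online vulnerabilities, including zero-day vulnerabilities, within hours. There is no need to fix vulnerabilities manually.
Mitigates HTTP flood attacks by applying multiple levels of default protection rules, custom protection policies, throttling policies, CAPTCHA verification, and blocking policies.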
匷åãšã¯ãã·ã¹ãã ã®è匱æ§ã®è¡šé¢ç©ãæå°éã«æããŠã·ã¹ãã ãä¿è·ããè¡çºã§ããè匱æ§ã¯ãã·ã¹ãã ãå®è¡ããæ©èœãå¢ããã»ã©å€§ãããªããŸããäžè¬çã«ãåäžæ©èœã®ã·ã¹ãã ã¯ãå€æ©èœã®ã·ã¹ãã ãããå®å
šã§ããããã©ã«ãã®ãã¹ã¯ãŒãã®å€æŽãäžèŠãªãœãããŠã§ã¢ã®åé€ãäžèŠãªãŠãŒã¶ãŒããã°ã€ã³ã®åé€ãäžèŠãªãµãŒãã¹ã®ç¡å¹åãŸãã¯åé€ã¯ãã¹ãŠãã¢ã¯ã»ã¹å¯èœãªæ»æãã¯ãã«ãæžããããã®ã¢ãããŒãã®äŸã§ãã
1. ãµã€ããŒè
åšããã®ä¿è·: ãã¡ã€ã¢ãŠã©ãŒã«ã¯ããã«ãŠã§ã¢ãXSSãSQL ã€ã³ãžã§ã¯ã·ã§ã³ãªã©ã®ããŸããŸãªãµã€ããŒæ»æãã WordPress ãµã€ããä¿è·ããã®ã«åœ¹ç«ã¡ãŸãã
2. è匱æ§ã®è»œæž: ãã©ã°ã€ã³ãããŒãã®æ¢ç¥ã®è匱æ§ãä¿®æ£ããæªçšããããªã¹ã¯ã軜æžããŸãã
3. ããã©ãŒãã³ã¹ã®æé©å: ã»ãã¥ãªã㣠ããã»ã¹ãã¯ã©ãŠãããŒã¹ã®ãã¡ã€ã¢ãŠã©ãŒã«ã«ãªãããŒããããšããµãŒããŒã®è² è·ã軜æžãããWeb ãµã€ãã®ããã©ãŒãã³ã¹ãåäžããŸãã
4. ãªã¢ã«ã¿ã€ã æŽæ°: ãã¡ã€ã¢ãŠã©ãŒã«ã¯ãæ°ããªè åšããé²åŸ¡ããããã«ãªã¢ã«ã¿ã€ã ã®æŽæ°ãæäŸããŸãã
5. 24æé365æ¥ã®ã»ãã¥ãªãã£ç£èŠ: ç¶ç¶çãªç£èŠãšä¿è·ã«ããããµã€ã㯠24 æéäœå¶ã§å®å šã«ä¿ãããŸãã
ãŸããŸãæµå¯Ÿçã«ãªããªã³ã©ã€ã³ç°å¢ã«ãããŠãWordPress ãµã€ãã®ã»ãã¥ãªãã£ãšæŽåæ§ãç¶æããã«ã¯ããã¡ã€ã¢ãŠã©ãŒã«ã®äœ¿çšãäžå¯æ¬ ã§ãã
Yes, WP-Firewall offers "virtual patching" through its service. The platform automatically fixes vulnerable plugins and other site components, helping reduce the likelihood of future issues. This capability is part of a broader patching and hardening service that ensures comprehensive protection against a variety of cyber threats.
WP-Firewall is a cloud-based web application firewall (WAF) designed specifically to protect WordPress websites from a variety of cyber threats, such as XSS/SQL injection and malicious activity.
WP-Firewall works by offloading security processing to the cloud, protecting the website without consuming VM resources. It updates firewall rules in real time to mitigate known vulnerabilities.
– Comprehensive protection: Protects against OWASP Top 10 vulnerabilities and zero-day attacks.
– Automatic patching: Immediately fixes vulnerable plugins and site components.
– 24/7 support: Backed by a dedicated security operations center.
WP-Firewall can be installed by following the detailed installation guide on the documentation page.
Yes, WP-Firewall offers a free plan that includes basic security features. Click here for details of the free plan.
A range of paid plans is available for more advanced protection.
Yes, WP-Firewall offers a 7-day free trial so that new users can evaluate the service.
Yes, WP-Firewall is designed to scale to and protect websites of any size, including large enterprises, with a robust cloud-based security solution.
For more information, contact us now.
詳ããæ å ±ã«ã€ããŠã¯ã ä»ãããåãåãããã ããã
WP-Firewall protects against OWASP Top 10 vulnerabilities and zero-day attacks, including cross-site scripting (XSS), SQL injection, brute-force attacks, and other common web vulnerabilities.
If you have further questions, you can contact WP-Firewall support through the contact page. Subscribers to the Standard or PRO plan can open a support ticket directly from the WP-Firewall plugin page in the WordPress admin portal (e.g. yoursitedomain.com/wp-admin).