Paul Gilzow (wpDirAuth, Presentation)
Locking down recon: reduce an attacker's ability to detect (fingerprint) what's running.
https://builtwith.com/ualr.edu
https://wpscan.org/
Countermeasures
Use Apache mod_authz (the Require directives from mod_authz_core and mod_authz_host) for access control
File protection
- protect wp-content (no reason for PHP files under wp-content to be directly executable; implicitly deny everything and whitelist only what the browser legitimately needs as web assets: CSS, JS, images, fonts)
- protect wp-includes (deny everything except wp-tinymce.php and the static JS/CSS assets the browser needs)
- protect wp-admin (lock to IP ranges? except admin-ajax.php, which front-end code calls for anonymous visitors too?)
- protect the root directory (lock wp-login.php to IP ranges; block xmlrpc.php, readme.html, license.txt)
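Added example (not from the presentation or from wpDirAuth): an Apache 2.4 vhost fragment that applies the deny-by-default file protection above with mod_authz_core / mod_authz_host Require directives. The DocumentRoot path and the admin IP ranges (192.0.2.0/24, 198.51.100.0/24) are assumptions; the asset extension list is a starting point, not a complete one.

```apache
# Added example: deny-by-default file protection for a WordPress DocumentRoot.
# Paths and IP ranges are assumptions; adjust to your environment.

# wp-content: deny everything, then whitelist only browser assets.
# PHP under wp-content (plugins, themes, uploads) is never served directly.
<Directory "/var/www/html/wp-content">
    Require all denied
    <FilesMatch "(?i)\.(css|js|map|jpe?g|png|gif|svg|webp|ico|woff2?|ttf|eot|pdf)$">
        Require all granted
    </FilesMatch>
</Directory>

# wp-includes: same pattern. wp-tinymce.php is the one PHP file that may be
# requested directly (older WordPress releases served TinyMCE through it).
<Directory "/var/www/html/wp-includes">
    Require all denied
    <FilesMatch "(?i)\.(css|js|map|jpe?g|png|gif|svg|webp|ico|woff2?|ttf|eot)$">
        Require all granted
    </FilesMatch>
    <Files "wp-tinymce.php">
        Require all granted
    </Files>
</Directory>

# wp-admin: only the admin networks, except admin-ajax.php, which front-end
# scripts call for anonymous visitors as well.
<Directory "/var/www/html/wp-admin">
    Require ip 192.0.2.0/24 198.51.100.0/24
    <Files "admin-ajax.php">
        Require all granted
    </Files>
</Directory>

# Root: wp-login.php only from the admin networks; recon files blocked outright.
<Directory "/var/www/html">
    <Files "wp-login.php">
        Require ip 192.0.2.0/24 198.51.100.0/24
    </Files>
    <FilesMatch "^(xmlrpc\.php|readme\.html|license\.txt)$">
        Require all denied
    </FilesMatch>
</Directory>
```

Check it with curl after a reload: a direct request for any .php under wp-content or for xmlrpc.php should return 403, a theme stylesheet 200, and wp-login.php 403 from outside the listed ranges. Two caveats: plugins that post front-end forms to wp-admin/admin-post.php will need that file whitelisted the same way as admin-ajax.php; and if PHP is handed to php-fpm with ProxyPassMatch rather than a SetHandler inside a FilesMatch, those requests are matched by proxy URL, not by filesystem path, and these Directory/Files sections will not see them.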
User protection
- disable the canonical redirect from ?author=# to the pretty /author/<nicename>/ permalink (it confirms the user ID exists and reveals the login name)
- remove the author permalink from author profile page output
- remove user-specific CSS classes (WordPress emits author-<nicename> via body_class() and comment-author-<nicename> via comment_class())
- modify WordPress's overly informative login error messages (which say whether the username or the password was wrong) to force one default error message
- USE SSO for your auth instead of local accounts!
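Added example (not code from the presentation or from wpDirAuth): a must-use plugin that implements the four user-protection items above with standard WordPress hooks. It goes slightly beyond the notes in two places, refusing ?author_name= as well as ?author=#, and dropping the /author/ rewrite rules so the pretty URL stops resolving. The generic error text and answering with a 404 are choices made here.

```php
<?php
/**
 * Plugin Name: Recon hardening (user enumeration)
 *
 * Added example: drop into wp-content/mu-plugins/. The hook names are real
 * WordPress hooks; the message text and the 404 response are assumptions.
 */

// 1. ?author=N (and ?author_name=x): WordPress canonical-redirects the numeric
//    form to /author/<user_nicename>/, confirming the account and leaking the
//    login name. Refuse both forms before redirect_canonical (priority 10 on
//    template_redirect) gets a chance to run. wp-admin never fires this hook,
//    so edit.php?author=N filtering in the dashboard is unaffected.
add_action('template_redirect', function () {
    if (isset($_GET['author']) || isset($_GET['author_name'])) {
        wp_die('Not found', 'Not found', ['response' => 404]);
    }
}, 1);

// 2. Author permalinks: stop printing /author/<nicename>/ in templates and
//    remove the rewrite rules so the URL no longer resolves. Flush rewrite
//    rules (Settings > Permalinks > Save) after enabling this.
add_filter('author_link', function ($link, $author_id, $author_nicename) {
    return home_url('/');
}, 10, 3);
add_filter('author_rewrite_rules', '__return_empty_array');

// 3. User-specific CSS classes: body_class() adds author-<nicename> and
//    author-<ID> on author archives; comment_class() adds
//    comment-author-<nicename> on every comment by a registered user.
//    The plain "author" and "byuser" classes are not user-specific and stay.
$strip_author_classes = function (array $classes) {
    return array_values(array_filter($classes, function ($class) {
        return strpos($class, 'author-') !== 0
            && strpos($class, 'comment-author-') !== 0;
    }));
};
add_filter('body_class', $strip_author_classes);
add_filter('comment_class', $strip_author_classes);

// 4. Login errors: WordPress distinguishes "unknown username" from "wrong
//    password for <user>", which confirms valid accounts to an attacker.
//    Collapse every failure into one generic message.
add_filter('login_errors', function ($errors) {
    return 'Login failed. Check your credentials and try again.';
});
```

Verify with curl -s -o /dev/null -w '%{http_code}' 'https://example.edu/?author=1' (a 404 instead of the 301 to the author archive) and with a deliberately wrong username and a deliberately wrong password on the login form, which should now produce identical text. Note that wpscan's user enumeration (--enumerate u) also tries routes these notes don't cover, such as the REST users endpoint, so re-run it afterwards rather than assuming this closes enumeration entirely.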
[IDEA] use git to roll through a history of commits to incrementally show changes for a presentation