garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added wp hardening tips link

ethicalhack3r
2012-07-17 12:26:11 -07:00
parent c4f4d8d850
commit a993fc0808
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
WordPress-Security-Tips.md

@@ -81,3 +81,5 @@ Attackers may use search engines to find potential vulnerable victims. By removi
21. Enable X-Frame-Options for unauthenticated users. 21. Enable X-Frame-Options for unauthenticated users.
WordPress in recent versions uses the 'X-Frame-Options' HTTP header for privileged users to tell the browser where HTML frames are allowed to be loaded from. This isn't however set for unauthenticated users, allowing for potential [ClickJacking](https://www.owasp.org/index.php/Clickjacking) attacks. WordPress in recent versions uses the 'X-Frame-Options' HTTP header for privileged users to tell the browser where HTML frames are allowed to be loaded from. This isn't however set for unauthenticated users, allowing for potential [ClickJacking](https://www.owasp.org/index.php/Clickjacking) attacks.
For further WordPress hardening tips see: [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress)