beginner-wordpress-user/subtitles/7 Tips to improve website security.bilingual.en-zh.srt

1
00:00:00,000 --> 00:00:03,316
欢迎使用 Learn WordPress。
Welcome to Learn WordPress.

2
00:00:03,316 --> 00:00:06,000
我们来谈谈提升网站安全的 7 个技巧。
Let's talk about 7 tips to improve website security.

3
00:00:06,000 --> 00:00:11,000
第一，为您的登录使用密码管理器和安全密码。
Number one, use a password manager and secure passwords for your logins.

4
00:00:11,000 --> 00:00:17,000
像 OnePassword 和 Bitwarden 这样的密码管理器值得探索。
Password managers such as OnePassword and Bitwarden are worth exploring.

5
00:00:17,000 --> 00:00:22,000
不幸的是，安全漏洞最常见的领域之一往往是人为因素。
One of the most common areas for security failure is unfortunately the human one.

6
00:00:22,000 --> 00:00:24,700
任何两个密码都不应相同，
No two passwords should ever be the same

7
00:00:24,700 --> 00:00:31,000
并确保密码长度至少为 10 到 12 个字符，且包含数字和符号。
and ensure passwords are at least 10 to 12 characters and include numbers and symbols.

8
00:00:31,000 --> 00:00:36,000
并且记住，永远不要使用 admin 作为用户名。
And remember, never use admin as a username.

9
00:00:36,000 --> 00:00:39,636
密码管理器能安全地存储您的密码，
Password managers store your passwords securely

10
00:00:39,636 --> 00:00:46,000
并允许您为每次登录生成唯一的安全密码，而无需记住每一个。
and allow you to generate unique secure passwords for each login without needing to remember each one.

11
00:00:46,000 --> 00:00:49,000
第二，使用双重认证。
Number two, use a two-factor authentication.

12
00:00:49,000 --> 00:00:54,600
双重认证能显著增强您 WordPress 站点的安全性，
Two-factor authentication can significantly enhance the security of your WordPress site

13
00:00:54,600 --> 00:00:58,000
它为登录过程增加了一层额外的保护。
by adding an extra layer of protection to the login process.

14
00:00:58,000 --> 00:01:00,767
这样一来，即使他人获取了您的密码，
This way, even if someone else gets your password,

15
00:01:00,767 --> 00:01:05,000
在没有第二重认证的情况下，他们仍然无法登录您的账号。
they still can't log into your account without that second factor.

16
00:01:05,000 --> 00:01:07,250
双重认证看似一小步，
Two-factor authentication may seem like a small step,

17
00:01:07,250 --> 00:01:14,000
但它能极大提升您在线账号的安全性，并有助于保护您的个人信息。
but it can greatly improve the security of your online accounts and help protect your personal information.

18
00:01:14,000 --> 00:01:25,000
您可以搜索双重认证插件，例如 WP2FA、Two-Factor Authentication 或 MiniOrange 的 Google Authenticator。
You can search for a two-factor authentication plugin such as WP2FA, two-factor authentication or Mini-Orange's Google Authenticator.

19
00:01:25,000 --> 00:01:29,129
一些安全插件也包含双重认证功能，
Some security plugins also include two-factor authentication,

20
00:01:29,129 --> 00:01:33,000
但我们稍后会详细讨论安全插件。
but we will talk more about security plugins in a minute.

21
00:01:33,000 --> 00:01:36,000
第三，始终审查您的用户基础。
Number three, always review your user base.

22
00:01:36,000 --> 00:01:41,000
移除不必要的用户，并对管理员用户保持高度选择性。
Remove unnecessary users and be very selective of admin users.

23
00:01:41,000 --> 00:01:44,000
我们转到仪表盘中的用户管理。
Let's make our way to users in the dashboard.

24
00:01:44,000 --> 00:01:48,000
编辑、作者和贡献者等用户角色应受到监控。
User roles such as editors, authors and contributors should be monitored.

25
00:01:48,000 --> 00:01:53,000
通常，管理员角色仅保留给网站所有者。
Typically, the administrative role is reserved for the website's owner.

26
00:01:53,000 --> 00:02:01,000
移除不必要的用户将最小化攻击者可利用的潜在攻击面或入口点。
Removing unnecessary users will minimize the potential attack surface or entry points that attackers can exploit.

27
00:02:01,000 --> 00:02:10,000
第四，只安装来自可信开发者的插件和主题，并卸载你不使用的。
Number four, only install plugins and themes from trust to developers and uninstall what you are not using.

28
00:02:10,000 --> 00:02:16,000
要评估主题或插件的可靠性，有几项内容需要检查。
To assess the reliability of a theme or plugin, there are a few things to review.

29
00:02:17,000 --> 00:02:20,000
检查用户反馈和评价。
Check user feedback and reviews.

30
00:02:20,000 --> 00:02:23,000
注意它的最后更新时间。
Note when it was last updated.

31
00:02:23,000 --> 00:02:28,935
查看其活跃安装数量，探索其支持服务和文档，
Look at the number of active installs, explore their support and documentation

32
00:02:28,935 --> 00:02:36,000
并再次确认它与 WordPress 最新版本兼容。
and double check that it is compatible with the latest version of WordPress.

33
00:02:36,000 --> 00:02:40,500
第五，保持你的插件和主题为最新版本，
Number five, keep your plugins and themes up to date

34
00:02:40,500 --> 00:02:44,000
并记得在更新前备份你的网站。
and remember to back up your site before updating.

35
00:02:44,000 --> 00:02:46,000
但你可能想问为什么。
But you might be asking why.

36
00:02:46,000 --> 00:02:51,220
保持你的 WordPress 主题和插件为最新版本很重要，
Keeping your WordPress themes and plugins up to date is important

37
00:02:51,220 --> 00:02:55,000
这关系到维护你网站的安全、稳定性和兼容性。
for maintaining the security, stability and compatibility of your site.

38
00:02:55,000 --> 00:02:59,263
更新通常包含修复软件漏洞的安全补丁，
Updates often include security patches that fix vulnerabilities in software

39
00:02:59,263 --> 00:03:04,000
以及修复可能导致你网站故障或崩溃的错误。
as well as bug fixes that could cause your site to malfunction or break.

40
00:03:04,000 --> 00:03:11,000
这些错误也可能被攻击者利用，以获取对你网站的未授权访问。
These bugs could also potentially be exploited by attackers to gain unauthorized access to your site.

41
00:03:11,000 --> 00:03:16,385
通过保持你的网站为最新状态，你可以确保你的网站受到保护，
By keeping your website up to date, you can ensure that your site is protected against the latest security threats

42
00:03:16,385 --> 00:03:21,000
免受最新安全威胁，并能与最新的网络技术顺畅运行。
and runs smoothly with the latest web technologies.

43
00:03:24,000 --> 00:03:31,222
第六，安装一个安全插件，例如 WordFence、Jetpack Security 或 iThemes，
Number six, install a security plugin like WordFence, Jetpack Security or iThemes

44
00:03:31,222 --> 00:03:34,000
它会扫描你的网站，查找任何已报告的漏洞。
that will scan your site for any reported vulnerabilities.

45
00:03:34,000 --> 00:03:37,915
插件目录中还有许多其他可用的插件值得探索，
There are also many other plugins available in the plugins directory worth exploring

46
00:03:37,915 --> 00:03:45,000
例如 patch stack、all-in-one security 等等。
such as patch stack, all-in-one security, etc.

47
00:03:45,000 --> 00:03:50,682
网站安全插件可以帮助保护你的网站免受常见网络威胁，
A website security plugin can help protect your website from common cyber threats,

48
00:03:50,682 --> 00:03:55,000
屏蔽恶意流量，并提醒你潜在的安全问题。
block malicious traffic and alert you to potential security issues.

49
00:03:55,000 --> 00:04:02,000
本质上，安全插件将帮助你维护网站的安全性和完整性。
In essence, a security plugin will help you maintain the security and integrity of your website.

50
00:04:02,000 --> 00:04:07,000
最后是第七点，为更高级的用户准备的内容。
And finally number seven, something for more advanced users.

51
00:04:07,000 --> 00:04:14,192
关注以安全为中心的博客，例如 patch stack、WP scan 或 blog.security，
Follow security-focused blogs like patch stack, WP scan or blog.security

52
00:04:14,192 --> 00:04:18,000
它们会报告任何有可用更新的新漏洞以及新出现的网络威胁。
which report any new vulnerabilities for which there are updates as well as emerging web threats.

53
00:04:18,000 --> 00:04:21,000
此外，还有一些其他步骤值得探索。
Then there are also some other steps worth exploring.

54
00:04:21,000 --> 00:04:23,333
第一，选择一个可靠的网络主机。
Firstly, choosing a reliable web host.

55
00:04:23,333 --> 00:04:28,950
第二，如果你的主机尚未安装，请安装一个 SSL 证书，
Secondly, installing an SSL certificate if your host has not already installed one

56
00:04:28,950 --> 00:04:35,000
这将允许你启用 HTTPS，确保信息不以纯文本形式传输。
which will allow you to enable HTTPS which ensures that no information is passed in plain text.

57
00:04:35,000 --> 00:04:42,000
第三，使用垃圾评论检测器，特别是如果你有博客或在文章上允许评论。
And thirdly, using a spam detector, especially if you have a blog or allow comments on posts.

58
00:04:42,000 --> 00:04:47,000
祝你顺利保持网站的安全。
All the best keeping your site safe and secure.