{"id":1076,"date":"2016-02-09T09:36:00","date_gmt":"2016-02-09T08:36:00","guid":{"rendered":"https:\/\/2016.prague.wordcamp.org\/?p=1076"},"modified":"2016-02-09T19:06:30","modified_gmt":"2016-02-09T18:06:30","slug":"rozhovor-vlada-smitka","status":"publish","type":"post","link":"https:\/\/prague.wordcamp.org\/2016\/rozhovor-vlada-smitka\/","title":{"rendered":"Interview &#8211; Vl\u00e1\u010fa Smitka, security and the dark side of the Force"},"content":{"rendered":"<p><a href=\"https:\/\/2016.prague.wordcamp.org\/speaker\/vladimir-smitka\/\">Vl\u00e1\u010fa Smitka<\/a> mainly looks after networks and servers. Thanks to that, he brings the WordPress community a unique view of how things work from the inside. He specializes mainly in the security and performance of web applications, and you may have heard of him thanks, for example, to his large survey of <a href=\"http:\/\/lynt.cz\/blog\/wordpress-v-cz-velky-pruzkum\" rel=\"nofollow\">65,000 Czech WordPress sites<\/a>.<\/p>\n<p><strong>We have seen you speak about security several times already. So let's start with a direct question. The light side, or the dark side?<\/strong><\/p>\n<p><em>You mean whether I use vulnerabilities to my own advantage? Of course I do \ud83d\ude42. I use them to learn and to have something to speak about. And of course, by alerting someone to a problem and also giving them instructions for resolving it, I show that we do not take security lightly at our company. Otherwise, I don't think I abuse the dark side of the Force in any way. 
For example, over the past month I reported more than 500 critical vulnerabilities on Czech websites and invited their creators and owners to WordCamp. And roughly another 500 are still left for me to report; I just have to track down the contacts, which is unfortunately the hardest part of this work.<\/em><\/p>\n<p><strong>That is no small number. How do people actually react to your reports?<\/strong><\/p>\n<p><em>That bothers me a little&#8230; Only in roughly 5% of cases do I get a reply saying that they have already fixed the bug, or that they will sort it out with the developer, and that they are grateful. Roughly another 10% fix the bug quietly. Still, 15% strikes me as a very low success rate given that the report is written in a friendly spirit, includes instructions for fixing the problem, and does not push any of my services. I should also point out that some of the emails never reach the recipients at all, because the site has no working contact details. That, too, shows that the owner does not look after the site. There are also those who take it very personally and threaten to sue over the report and the like, but fortunately there are really few of them. Still, I am glad for every site that gets fixed.<\/em><\/p>\n<p><strong>Your talk will be about security. How do you rate the current state of WordPress from that point of view?<\/strong><\/p>\n<p><em>Personally, I think it is not as bad as it may seem from various reports. 
I am not aware that there are noticeably more serious security bugs in WP core than in other content management systems. And when they do appear, they are fixed very quickly and, thanks to automatic updates, the patch is applied soon. The situation is of course different with plugins and themes, where updates are very often neglected or which come from illegal sources, and that is the cause of many of the reports about how dangerous WP actually is.<\/em><\/p>\n<p><strong>It is generally held that there is a shortage of good WordPress experts. What is your view?<\/strong><\/p>\n<p><em>I don't think it is a problem of WordPress alone. Finding a good programmer, for example, is demanding, and for an end customer it can be really hard to tell whether a given person truly understands the subject or is just a good talker. I am of the opinion that real experts, who can also see into the details (e.g. server configuration) and can do more than upload and slightly tweak a few plugins, are truly few.<br \/>\n<\/em><em>On the other hand, with WordPress you can run a smaller blog with a minimum of experience. 
You only need to stick to a few basic rules &#8211; update regularly, back up, don't install things you don't need, if you do install something then only from trustworthy sources, and simply look after your site.<\/em><\/p>\n<p><strong>Is there anything that bothers you about WordPress? What would you change or improve?<\/strong><\/p>\n<p><em>I think many colleagues will answer similarly \ud83d\ude42 There are many things about WP that don't suit me, but one can live with them. I think a beginning user who wants to move just a little further has a very complicated road ahead. A few examples:<\/em><br \/>\n<em> If you want to increase performance, you need to install an add-on matching the caching technology available on the server. The ordinary user knows practically nothing about that. Why isn't some universal cache used out of the box, one that a beginner just switches on and a more experienced user adapts to their server?<\/em><br \/>\n<em> I also often ask myself why there is no automatic temporary blocking, out of the box, of a user who has entered the wrong password several times. So a beginner has to work out for themselves that it is a good idea to block something like that. 
Or come to my talk, where I will tell them \ud83d\ude09<\/em><\/p>\n<p><strong>So can you tell us what your talk will be about and what we can look forward to?<\/strong><\/p>\n<p><em>My aim is above all to show users where the danger actually lies and how to avoid it. It has to be understood that attacks are commonplace in the world of the internet, and one has to be prepared for them. We will look at some cases of real attacks and try to learn from them.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vl\u00e1\u010fa Smitka mainly looks after networks and servers. Thanks to that, he brings the WordPress community a unique view of how things work from the inside. He specializes mainly in the security and performance of web applications, and you may have heard of him thanks, for example, to his large survey of 65,000 Czech WordPress sites. We have seen you speak about security several times already. 
&hellip; <a href=\"https:\/\/prague.wordcamp.org\/2016\/rozhovor-vlada-smitka\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Interview &#8211; Vl\u00e1\u010fa Smitka, security and the dark side of the Force<\/span><\/a><\/p>\n","protected":false},"author":5814035,"featured_media":1080,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[750975,647970],"tags":[],"class_list":["post-1076","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-rozhovory","category-wordcamp-praha"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/prague.wordcamp.org\/2016\/files\/2016\/02\/vlada-smitka.jpg?fit=350%2C350&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6VUAp-hm","_links":{"self":[{"href":"https:\/\/prague.wordcamp.org\/2016\/wp-json\/wp\/v2\/posts\/1076","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/prague.wordcamp.org\/2016\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/prague.wordcamp.org\/2016\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/prague.wordcamp.org\/2016\/wp-json\/wp\/v2\/users\/5814035"}],"replies":[{"embeddable":true,"href":"https:\/\/prague.wordcamp.org\/2016\/wp-json\/wp\/v2\/comments?post=1076"}],"version-history":[{"count":5,"href":"https:\/\/prague.wordcamp.org\/2016\/wp-json\/wp\/v2\/posts\/1076\/revisions"}],"predecessor-version":[{"id":1114,"href":"https:\/\/prague.wordcamp.org\/2016\/wp-json\/wp\/v2\/posts\/1076\/revisions\/1114"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/prague.wordcamp.org\/2016\/wp-json\/w
p\/v2\/media\/1080"}],"wp:attachment":[{"href":"https:\/\/prague.wordcamp.org\/2016\/wp-json\/wp\/v2\/media?parent=1076"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/prague.wordcamp.org\/2016\/wp-json\/wp\/v2\/categories?post=1076"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/prague.wordcamp.org\/2016\/wp-json\/wp\/v2\/tags?post=1076"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}