BACKING UP WORDPRESS & BASIC SECURITY
Carel Bekker - @ClickHOST & @carelbekker
Saturday, March 16, 13
Who is this guy?
    • From South Africa
    • In US since 1998
    • 25+ years in technology
    • Owner of ClickHOST.com
    • Loves my wife, 3 children, technology, reading, travel and occasional round of golf.
    • linkedin.com/in/cbekker

If only...




What will we cover?
    “I’m going to show you where the windows and doors are on your WordPress house and how to lock them!”
    • Basics needed to protect your WordPress website or blog
    • Very little technical skill is needed
    • Some definitions
    • Resource list
    • Security Myths
    • 3 ways to Backup WordPress
    • 3 security tips that will save your life, ok, at least your website

What is malware?

    • Malware = malicious software.
    • Anything loaded onto your website (or computer) that you didn’t authorize.
    • Malware, short for malicious (or malevolent) software, is software used or created by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software. - wikipedia.org


Other definitions

    • SQL Injections: Entering SQL statements into form fields.
    • Cross-site contamination: WordPress sites infecting sites in the same hosting account.
    • Phishing or Spoofing: Email or website that looks like the real thing
    • Social engineering, e.g., Wired reporter story



Security Myths
    • #1: Who would want to hack my website
    • #2: I will see when my website is hacked
    • #3: My website is 100% secure
    • #4: My hosting provider will have a backup for me
    • #5: I use strong passwords -- I’m ok

Backing up WordPress




Backup Basics
    • What is a backup?
        • Reliable recent copy of your website.
        • Should be easy to restore from your backup.
    • Why should I backup?
        • Bad things happen, especially in the WWW = wild, wild west.
    • How often & when should I backup?
        • Before any major updates to your website
        • Before updating WordPress, plugins or themes
        • Daily, Weekly, Monthly.
        • 1-2 different backup copies.

Use a WordPress plugin
    • Install a plugin to backup your WordPress website.
    • Most offer the option to backup to: hosting account, cloud, local or email the backup.
    • Numerous FREE WordPress backup plugins:
        • One-click installers like Softaculous
        • BackWPup (free and pro versions)
        • WordPress Backup to Dropbox
    • or Paid plugins:
        • BackupBuddy ($$$)
        • VaultPress ($$)

DIY Backups
    • Use tools provided by hosting company
    • cPanel is the most common control panel
    • Select the Database to download.
        • Only backup the database.
        • Backup will be downloaded to your local directory.
        • You can then upload the database to restore your WordPress website.
    • Paid services: CodeGuard, SiteAutoBackup,

Ask your hosting provider
    • This is not specific to WordPress.
    • Some hosting providers provide automatic backups
        • Full account backups
        • Some offer free restore services
        • Others charge a fee to restore from a backup
    • Ask your hosting provider to set up a backup schedule
        • Don’t keep too many backups in your hosting account
        • Download to your local machine
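The backup slides above ask for a reliable, recent, restorable copy that is kept off the hosting account, with only a couple of copies retained. The Python script below is an added example, not part of the original presentation: it archives the WordPress files together with a database export (a database-only export does not contain uploads, themes, plugins or wp-config.php), records a SHA-256 checksum, reads every archived file back, and prunes old copies only when a kept copy verifies. The `wp-backup-` naming scheme, the `files/` and `database.sql` archive layout and the constructed sample site are assumptions made for the illustration.

```python
"""Added example: verified, rotated WordPress backups (names and layout are assumptions)."""
import hashlib
import tarfile
import zlib
from datetime import datetime, timezone
from pathlib import Path

REQUIRED = ("wp-config.php", "wp-content")  # present in every WordPress install
PREFIX = "wp-backup-"                        # hypothetical archive naming scheme


def sha256_of(path):
    """Stream a file through SHA-256 so large archives need not fit in memory."""
    digest = hashlib.sha256()
    with Path(path).open("rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def create_backup(site_dir, sql_dump, backup_dir, now=None):
    """Archive site files plus a database export and write a checksum sidecar."""
    site_dir, sql_dump, backup_dir = Path(site_dir), Path(sql_dump), Path(backup_dir)
    missing = [name for name in REQUIRED if not (site_dir / name).exists()]
    if missing:
        raise FileNotFoundError(f"not a WordPress directory, missing {missing}")
    if sql_dump.stat().st_size == 0:
        raise ValueError("database export is empty")
    site_real, dest_real = site_dir.resolve(), backup_dir.resolve()
    if dest_real == site_real or site_real in dest_real.parents:
        # An archive under the web root is reachable over HTTP and contains
        # the database credentials stored in wp-config.php.
        raise ValueError("backup directory must be outside the WordPress directory")
    stamp = (now or datetime.now(timezone.utc)).strftime("%Y%m%d-%H%M%S")
    backup_dir.mkdir(parents=True, exist_ok=True)
    archive = backup_dir / f"{PREFIX}{stamp}.tar.gz"
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(site_dir, arcname="files")
        tar.add(sql_dump, arcname="database.sql")
    archive.with_name(archive.name + ".sha256").write_text(sha256_of(archive) + "\n")
    return archive


def verify_backup(archive):
    """True only if the checksum matches and every archived file reads back."""
    archive = Path(archive)
    sidecar = archive.with_name(archive.name + ".sha256")
    if not sidecar.is_file() or sidecar.read_text().strip() != sha256_of(archive):
        return False
    sizes = {}
    try:
        with tarfile.open(archive, "r:gz") as tar:
            for member in tar:
                if member.isfile():
                    sizes[member.name] = len(tar.extractfile(member).read())
    except (tarfile.TarError, OSError, EOFError, zlib.error):
        return False
    # A restore needs the configuration file and a non-empty database export.
    return sizes.get("files/wp-config.php", 0) > 0 and sizes.get("database.sql", 0) > 0


def prune_backups(backup_dir, keep=2):
    """Delete all but the newest `keep` archives; refuse if no kept copy verifies."""
    if keep < 1:
        raise ValueError("keep at least one backup")
    archives = sorted(Path(backup_dir).glob(PREFIX + "*.tar.gz"))  # stamps sort by age
    kept, old = archives[-keep:], archives[:-keep]
    if old and not any(verify_backup(a) for a in kept):
        raise RuntimeError("no kept backup verifies; older copies left in place")
    for stale in old:
        stale.unlink()
        stale.with_name(stale.name + ".sha256").unlink(missing_ok=True)
    return [stale.name for stale in old]


def make_sample_site(root):
    """Build a tiny constructed WordPress-like tree and database export for the demo."""
    site = Path(root) / "public_html"
    (site / "wp-content" / "uploads").mkdir(parents=True)
    (site / "wp-config.php").write_text("<?php /* constructed sample, no real credentials */\n")
    (site / "wp-content" / "uploads" / "logo.txt").write_text("constructed upload\n")
    dump = Path(root) / "export.sql"
    dump.write_text("-- constructed sample export\nCREATE TABLE wp_posts (ID INT);\n")
    return site, dump


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        site, dump = make_sample_site(tmp)
        dest = Path(tmp) / "offsite"
        for day in (14, 15, 16):
            create_backup(site, dump, dest, now=datetime(2013, 3, day, 2, 0))
        print("pruned:", prune_backups(dest, keep=2))
        print("newest verifies:", verify_backup(sorted(dest.glob(PREFIX + "*.tar.gz"))[-1]))
```

The checksum sidecar catches corruption and truncated downloads, not changes made by someone who can rewrite both files, so keep a copy of the checksum somewhere other than next to the archive.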

Top Tips to Secure WordPress


Don’t use ADMIN

    • Don’t use admin as your username.
        • This is the default when installing
        • Almost as bad as using password for your password :)
    • How to fix this!
        • Create a new administrator user.
        • Log out, then log in as the new admin user.
        • Delete the old “admin” user.


Update! Update!
    • New versions/updates include security fixes and new functionality.
    • Always keep your WordPress installation current!
    • Keep your plugins updated.
    • Try to keep your theme current too, however be careful and only upgrade if you are sure that a child theme was used.
    • Make a backup BEFORE you update WordPress, plugins or themes.

Passwords

    • Use strong passwords, not 123456 or Password
    • Use Pass-phrases, correcthorsebatterystaple
    • Better yet, use a password manager:
        • Generate very strong passwords
        • No need to remember 100’s of passwords
        • Easy to use with browser addons.
        • LastPass.com, 1password.com, RoboForm.


Anti-spam techniques
    • How do I prevent comment spam? Unwanted comments in my blog posts.
    • Don’t allow comments.
    • Or moderate all comments.
    • Use a comment system plugin:
        • Disqus
        • Livefyre
        • Use Facebook Comment system.
    • Comment spam control plugins:
        • Akismet ($5/month)
        • Growmap Anti Spambot (free)

Security plugins
    • Most include:
        • One-click hardening
        • File monitoring
        • Personal Firewall (IP blocking)
    • Security plugins:
        • Sucuri (w/ membership)
        • WordFence (free and paid)
        • IPVenger (beta)
        • Login LockDown

Random security tips
    • Make sure you have anti-virus installed on your computer
        • Even on a Mac (Sophos)
    • Email spam filtering
    • Only download themes, and plugins from trusted sources.
        • WordPress and reputable theme/plugin sources
    • Delete unused themes, and plugins! (not just de-activate)
    • Delete unused WordPress installations.

Questions??




Resources
    • More great WordCamp presentations:
        • WordPress End-User Security, Dre Armeda
        • Building secure WordPress sites, Sakin Shrestha
        • or go to wordpress.tv and search for security
    • WordPress Codex: http://codex.wordpress.org/WordPress_Backups
    • WordPress Backup options: http://www.clickhost.com/wordpress-backup/
    • Search clickhost.com/blog for WordPress
    • How to make your WordPress installation Secure
    • WordPress Security: 5 Steps To Reduce Your Risk
    • Three sure fire ways to prevent being hacked!

Carel Bekker
President & Owner
carel@clickhost.com
Twitter: @clickhost, @carelbekker
Tel: 404.220.8110

Friends don’t let friends host on Go Daddy!



Backing up WordPress & Basic Security presented at WordCamp Atlanta, 2013.
