SlideShare une entreprise Scribd logo

WordPress Security

Ivan Storck
Ivan Storck

WordPress Security is important! An ounce of prevention is worth a pound of cure. Learn four critical steps to protect your WordPress web site.

TechnologieBusiness
1  sur  12
WordPress Security Four Steps to Protect Your Website
Why Bother? • Hackers do illegal stuff with your site, and you may be liable. Phishing, Spam • Protect your hard-won SEO reputation • Protect yourself, your customers, and site visitors
4 Essential Steps 1. Backup 2. Protect / Tweak 3. Monitor 4. Analyze
Backups - No excuses • Use the cPanel backup wizard weekly • Automate with DBC Backup • Backup to the cloud with WP S3 Backups • Schedule depends on amount of content
Protect ✓ Ze’s Admin Update Notification http://wordpress.org/extend/plugins/zes-admin-update-notification/ ✓ Bulletproof Security http://wordpress.org/extend/plugins/bulletproof-security/ ✓ Hash Checker http://wordpress.org/extend/plugins/hashchecker/
Protect ✓ TAC - Theme Authenticity Checker http://wordpress.org/extend/plugins/tac/ ✓ Limit Login Attempts http://wordpress.org/extend/plugins/login-lockdown/ ✓ Secure WordPress http://wordpress.org/extend/plugins/secure-wordpress/
Tweak • File Permissions and location • command line: chmod 640 wp-config.php • Use cPanel File Manager • put wp-config.php one level above public_html (so it’s not publicly accessible) • Delete ‘admin’ user, use your own name • Change table prefix, something other than wp_ • Use phpMyAdmin in cPanel and this article: http://bit.ly/wp-prefix
Monitor • You can visually inspect your page every day, but why not automate it?! • ChangeDetection.com - FREE • http://site24x7.com/monitor-webpage- defacement.html
Analyze • Google Analyticator / Google Webmaster Tools • http://wordpress.org/extend/plugins/google-analyticator/ • Firefox User Agent Tool • https://addons.mozilla.org/en-US/firefox/addon/59/ • Safari: Develop Menu, User Agent: use one from http://www.useragentstring.com/ • Check log files for suspicious activity • cPanel - awstats
Sustainable Websites • Take responsibility for their presence on the internet, their affect on people, and on the earth • Don’t waste energy with spam • Don’t waste people’s time with spam links • Don’t install malware on people’s computers
SustainableWebsites.com • Secured cPanel servers • Easy backups • Automatic WordPress installation via Fantastico • Automatic notification of out-of-date scripts • Energy Efficient, Green Powered
Credits & etc Photos used with permission by Creative Commons License: http://creativecommons.org/licenses/by/2.0/deed.en Playmobil: http://www.flickr.com/photos/nedrichards/56919158/ Wind turbines: iStockPhoto.com Thanks WordPress community! Ross Chapman, Luke Fretwell, Mani Sheriar, Maiya Holliday, more customers These slides may go out of date but the four steps have less likelihood of doing so. Even so, following these steps may not guarantee your site against hacking and there is no implied warrantee to the fitness of the information in this document for your unique setup. Stay up to date on security via more sources than just this slideshow. © Sustainable Websites LLC Creative Commons License http://SustainableWebsites.com/contact +1-888-755-8436 93 S Jackson St #58069 Seattle WA 98103

Recommandé

Managing Multisite: Lessons from a Large Network
Managing Multisite: Lessons from a Large NetworkManaging Multisite: Lessons from a Large Network
Managing Multisite: Lessons from a Large NetworkWilliam Earnhardt
 
WordPress Server Security
WordPress Server SecurityWordPress Server Security
WordPress Server SecurityPeter Baylies
 
WordPress Multisite
WordPress MultisiteWordPress Multisite
WordPress MultisiteBrad Williams
 
Word camp2011 introwordpresssecurity
Word camp2011 introwordpresssecurityWord camp2011 introwordpresssecurity
Word camp2011 introwordpresssecurityDavid Wilemski
 
Understanding WordPress Multisite
Understanding WordPress MultisiteUnderstanding WordPress Multisite
Understanding WordPress MultisiteRyan Imel
 
8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress websiteSiteGround.com
 
Getting started with WordPress development
Getting started with WordPress developmentGetting started with WordPress development
Getting started with WordPress developmentSteve Mortiboy
 
Ithemes presentation
Ithemes presentationIthemes presentation
Ithemes presentationJason Yingling
 

Recommandé

Managing Multisite: Lessons from a Large Network
Managing Multisite: Lessons from a Large NetworkManaging Multisite: Lessons from a Large Network
Managing Multisite: Lessons from a Large NetworkWilliam Earnhardt
 
WordPress Server Security
WordPress Server SecurityWordPress Server Security
WordPress Server SecurityPeter Baylies
 
WordPress Multisite
WordPress MultisiteWordPress Multisite
WordPress MultisiteBrad Williams
 
Word camp2011 introwordpresssecurity
Word camp2011 introwordpresssecurityWord camp2011 introwordpresssecurity
Word camp2011 introwordpresssecurityDavid Wilemski
 
Understanding WordPress Multisite
Understanding WordPress MultisiteUnderstanding WordPress Multisite
Understanding WordPress MultisiteRyan Imel
 
8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress websiteSiteGround.com
 
Getting started with WordPress development
Getting started with WordPress developmentGetting started with WordPress development
Getting started with WordPress developmentSteve Mortiboy
 
Ithemes presentation
Ithemes presentationIthemes presentation
Ithemes presentationJason Yingling
 
How to be a Super Super-Admin - WCMTL 2014
How to be a Super Super-Admin - WCMTL 2014How to be a Super Super-Admin - WCMTL 2014
How to be a Super Super-Admin - WCMTL 2014Richard Archambault
 
Multisite core concepts final
Multisite core concepts finalMultisite core concepts final
Multisite core concepts finalUmesh Chaudhary
 
Wordpress
WordpressWordpress
WordpressPriya Kumar
 
A crash course in scaling wordpress
A crash course in scaling wordpress A crash course in scaling wordpress
A crash course in scaling wordpress GovLoop
 
Savannah
SavannahSavannah
SavannahAndrea Rennick
 
When to use WordPress MultiSite WordCamp Nepal 2012
When to use WordPress MultiSite WordCamp Nepal 2012When to use WordPress MultiSite WordCamp Nepal 2012
When to use WordPress MultiSite WordCamp Nepal 2012Utsav Singh Rathour
 
Utsav Singh Rathour: How, Why and Where to use WordPress multisite
Utsav Singh Rathour: How, Why and Where to use WordPress multisiteUtsav Singh Rathour: How, Why and Where to use WordPress multisite
Utsav Singh Rathour: How, Why and Where to use WordPress multisitewpnepal
 
WordPress Intermediate Workshop
WordPress Intermediate WorkshopWordPress Intermediate Workshop
WordPress Intermediate WorkshopThe Toolbox, Inc.
 
WordCamp Boston WordPress plugins-8-2014
WordCamp Boston WordPress plugins-8-2014WordCamp Boston WordPress plugins-8-2014
WordCamp Boston WordPress plugins-8-2014The Toolbox, Inc.
 
WordPress Fav Plugins & Security
WordPress Fav Plugins & SecurityWordPress Fav Plugins & Security
WordPress Fav Plugins & SecurityThe Toolbox, Inc.
 
WordPress and Multisite
WordPress and MultisiteWordPress and Multisite
WordPress and MultisiteAndrea Rennick
 
Wcmtl top-10-multisite
Wcmtl top-10-multisiteWcmtl top-10-multisite
Wcmtl top-10-multisiteAndrea Rennick
 
I Can Haz More Performanz?
I Can Haz More Performanz?I Can Haz More Performanz?
I Can Haz More Performanz?Andy Melichar
 
WordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupWordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupChris Burgess
 
Piecing Together the WordPress Puzzle
Piecing Together the WordPress PuzzlePiecing Together the WordPress Puzzle
Piecing Together the WordPress PuzzleBusiness Vitality LLC
 
WordPress Security 101: Practical Techniques & Best Practices
WordPress Security 101: Practical Techniques & Best PracticesWordPress Security 101: Practical Techniques & Best Practices
WordPress Security 101: Practical Techniques & Best PracticesJonathan Hall
 
WordPress(The Big Picture)
WordPress(The Big Picture)WordPress(The Big Picture)
WordPress(The Big Picture)Sandip Basnet
 
WordPress Multisite: What? Why? How?
WordPress Multisite: What? Why? How?WordPress Multisite: What? Why? How?
WordPress Multisite: What? Why? How?bcasel
 
2014 WordCamp Austin: Do's and Don'ts of WordPress Multisite
2014 WordCamp Austin: Do's and Don'ts of WordPress Multisite2014 WordCamp Austin: Do's and Don'ts of WordPress Multisite
2014 WordCamp Austin: Do's and Don'ts of WordPress MultisiteWPMU DEV
 
Speeding Up WordPress sites
Speeding Up WordPress sitesSpeeding Up WordPress sites
Speeding Up WordPress sitesJason Yingling
 
WordPress Security and Best Practices
WordPress Security and Best PracticesWordPress Security and Best Practices
WordPress Security and Best PracticesRobert Vidal
 
Battling the WSOD - A Tech Support Tale
Battling the WSOD - A Tech Support TaleBattling the WSOD - A Tech Support Tale
Battling the WSOD - A Tech Support TaleKayleigh Thorpe
 

Contenu connexe

Tendances

How to be a Super Super-Admin - WCMTL 2014
How to be a Super Super-Admin - WCMTL 2014How to be a Super Super-Admin - WCMTL 2014
How to be a Super Super-Admin - WCMTL 2014Richard Archambault
 
Multisite core concepts final
Multisite core concepts finalMultisite core concepts final
Multisite core concepts finalUmesh Chaudhary
 
A crash course in scaling wordpress
A crash course in scaling wordpress A crash course in scaling wordpress
A crash course in scaling wordpress GovLoop
 
When to use WordPress MultiSite WordCamp Nepal 2012
When to use WordPress MultiSite WordCamp Nepal 2012When to use WordPress MultiSite WordCamp Nepal 2012
When to use WordPress MultiSite WordCamp Nepal 2012Utsav Singh Rathour
 
Utsav Singh Rathour: How, Why and Where to use WordPress multisite
Utsav Singh Rathour: How, Why and Where to use WordPress multisiteUtsav Singh Rathour: How, Why and Where to use WordPress multisite
Utsav Singh Rathour: How, Why and Where to use WordPress multisitewpnepal
 
WordPress Intermediate Workshop
WordPress Intermediate WorkshopWordPress Intermediate Workshop
WordPress Intermediate WorkshopThe Toolbox, Inc.
 
WordCamp Boston WordPress plugins-8-2014
WordCamp Boston WordPress plugins-8-2014WordCamp Boston WordPress plugins-8-2014
WordCamp Boston WordPress plugins-8-2014The Toolbox, Inc.
 
WordPress Fav Plugins & Security
WordPress Fav Plugins & SecurityWordPress Fav Plugins & Security
WordPress Fav Plugins & SecurityThe Toolbox, Inc.
 
WordPress and Multisite
WordPress and MultisiteWordPress and Multisite
WordPress and MultisiteAndrea Rennick
 
Wcmtl top-10-multisite
Wcmtl top-10-multisiteWcmtl top-10-multisite
Wcmtl top-10-multisiteAndrea Rennick
 
I Can Haz More Performanz?
I Can Haz More Performanz?I Can Haz More Performanz?
I Can Haz More Performanz?Andy Melichar
 
WordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupWordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupChris Burgess
 
Piecing Together the WordPress Puzzle
Piecing Together the WordPress PuzzlePiecing Together the WordPress Puzzle
Piecing Together the WordPress PuzzleBusiness Vitality LLC
 
WordPress Security 101: Practical Techniques & Best Practices
WordPress Security 101: Practical Techniques & Best PracticesWordPress Security 101: Practical Techniques & Best Practices
WordPress Security 101: Practical Techniques & Best PracticesJonathan Hall
 
WordPress(The Big Picture)
WordPress(The Big Picture)WordPress(The Big Picture)
WordPress(The Big Picture)Sandip Basnet
 
WordPress Multisite: What? Why? How?
WordPress Multisite: What? Why? How?WordPress Multisite: What? Why? How?
WordPress Multisite: What? Why? How?bcasel
 
2014 WordCamp Austin: Do's and Don'ts of WordPress Multisite
2014 WordCamp Austin: Do's and Don'ts of WordPress Multisite2014 WordCamp Austin: Do's and Don'ts of WordPress Multisite
2014 WordCamp Austin: Do's and Don'ts of WordPress MultisiteWPMU DEV
 
Speeding Up WordPress sites
Speeding Up WordPress sitesSpeeding Up WordPress sites
Speeding Up WordPress sitesJason Yingling
 

Tendances (20)

How to be a Super Super-Admin - WCMTL 2014
How to be a Super Super-Admin - WCMTL 2014How to be a Super Super-Admin - WCMTL 2014
How to be a Super Super-Admin - WCMTL 2014
 
Multisite core concepts final
Multisite core concepts finalMultisite core concepts final
Multisite core concepts final
 
Wordpress
WordpressWordpress
Wordpress
 
A crash course in scaling wordpress
A crash course in scaling wordpress A crash course in scaling wordpress
A crash course in scaling wordpress
 
Savannah
SavannahSavannah
Savannah
 
When to use WordPress MultiSite WordCamp Nepal 2012
When to use WordPress MultiSite WordCamp Nepal 2012When to use WordPress MultiSite WordCamp Nepal 2012
When to use WordPress MultiSite WordCamp Nepal 2012
 
Utsav Singh Rathour: How, Why and Where to use WordPress multisite
Utsav Singh Rathour: How, Why and Where to use WordPress multisiteUtsav Singh Rathour: How, Why and Where to use WordPress multisite
Utsav Singh Rathour: How, Why and Where to use WordPress multisite
 
WordPress Intermediate Workshop
WordPress Intermediate WorkshopWordPress Intermediate Workshop
WordPress Intermediate Workshop
 
WordCamp Boston WordPress plugins-8-2014
WordCamp Boston WordPress plugins-8-2014WordCamp Boston WordPress plugins-8-2014
WordCamp Boston WordPress plugins-8-2014
 
WordPress Fav Plugins & Security
WordPress Fav Plugins & SecurityWordPress Fav Plugins & Security
WordPress Fav Plugins & Security
 
WordPress and Multisite
WordPress and MultisiteWordPress and Multisite
WordPress and Multisite
 
Wcmtl top-10-multisite
Wcmtl top-10-multisiteWcmtl top-10-multisite
Wcmtl top-10-multisite
 
I Can Haz More Performanz?
I Can Haz More Performanz?I Can Haz More Performanz?
I Can Haz More Performanz?
 
WordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupWordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User Meetup
 
Piecing Together the WordPress Puzzle
Piecing Together the WordPress PuzzlePiecing Together the WordPress Puzzle
Piecing Together the WordPress Puzzle
 
WordPress Security 101: Practical Techniques & Best Practices
WordPress Security 101: Practical Techniques & Best PracticesWordPress Security 101: Practical Techniques & Best Practices
WordPress Security 101: Practical Techniques & Best Practices
 
WordPress(The Big Picture)
WordPress(The Big Picture)WordPress(The Big Picture)
WordPress(The Big Picture)
 
WordPress Multisite: What? Why? How?
WordPress Multisite: What? Why? How?WordPress Multisite: What? Why? How?
WordPress Multisite: What? Why? How?
 
2014 WordCamp Austin: Do's and Don'ts of WordPress Multisite
2014 WordCamp Austin: Do's and Don'ts of WordPress Multisite2014 WordCamp Austin: Do's and Don'ts of WordPress Multisite
2014 WordCamp Austin: Do's and Don'ts of WordPress Multisite
 
Speeding Up WordPress sites
Speeding Up WordPress sitesSpeeding Up WordPress sites
Speeding Up WordPress sites
 

Similaire à WordPress Security

WordPress Security and Best Practices
WordPress Security and Best PracticesWordPress Security and Best Practices
WordPress Security and Best PracticesRobert Vidal
 
Battling the WSOD - A Tech Support Tale
Battling the WSOD - A Tech Support TaleBattling the WSOD - A Tech Support Tale
Battling the WSOD - A Tech Support TaleKayleigh Thorpe
 
Website essentials things every library website should have
Website essentials things every library website should haveWebsite essentials things every library website should have
Website essentials things every library website should haveBrian Pichman
 
Building Secure WordPress Sites
Building Secure WordPress Sites Building Secure WordPress Sites
Building Secure WordPress Sites Catch Themes
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and SecurityThink Media Inc.
 
Vinay Paudel: Optimizing and Speeding up a WordPress site
Vinay Paudel: Optimizing and Speeding up a WordPress siteVinay Paudel: Optimizing and Speeding up a WordPress site
Vinay Paudel: Optimizing and Speeding up a WordPress sitewpnepal
 
How to create a WordPress Site
How to create a WordPress Site How to create a WordPress Site
How to create a WordPress Site MuhammadUsaid2
 
Blog World 2010 - How to Keep Your Blog from Being Hacked
Blog World 2010 - How to Keep Your Blog from Being HackedBlog World 2010 - How to Keep Your Blog from Being Hacked
Blog World 2010 - How to Keep Your Blog from Being HackedBrian Layman
 
How WordPress Sites Get Hacked
How WordPress Sites Get HackedHow WordPress Sites Get Hacked
How WordPress Sites Get HackedAndrew Marks
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutSiteGround.com
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home OwnershipDenise (Dee) Teal
 
Presentation to SAIT Students - Dec 2013
Presentation to SAIT Students - Dec 2013Presentation to SAIT Students - Dec 2013
Presentation to SAIT Students - Dec 2013Think Media Inc.
 
Emergency WordPress Troubleshooting
Emergency WordPress TroubleshootingEmergency WordPress Troubleshooting
Emergency WordPress TroubleshootingTiffany Bridge
 
WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security EssentialsAngela Bowman
 
WCBos13 intermediate workshop
WCBos13 intermediate workshopWCBos13 intermediate workshop
WCBos13 intermediate workshopBoston WordPress
 
Neo word press meetup ehermits - how to keep your blog from being hacked 2012
Neo word press meetup ehermits - how to keep your blog from being hacked 2012Neo word press meetup ehermits - how to keep your blog from being hacked 2012
Neo word press meetup ehermits - how to keep your blog from being hacked 2012Brian Layman
 
20 tips to Improving Your WordPress Site...for Beginners
20 tips to Improving Your WordPress Site...for Beginners20 tips to Improving Your WordPress Site...for Beginners
20 tips to Improving Your WordPress Site...for BeginnersTRB Design, Inc.
 
Up and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web DesignUp and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web DesignJudy Wilson
 

Similaire à WordPress Security (20)

WordPress Security and Best Practices
WordPress Security and Best PracticesWordPress Security and Best Practices
WordPress Security and Best Practices
 
Battling the WSOD - A Tech Support Tale
Battling the WSOD - A Tech Support TaleBattling the WSOD - A Tech Support Tale
Battling the WSOD - A Tech Support Tale
 
Website essentials things every library website should have
Website essentials things every library website should haveWebsite essentials things every library website should have
Website essentials things every library website should have
 
Building Secure WordPress Sites
Building Secure WordPress Sites Building Secure WordPress Sites
Building Secure WordPress Sites
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and Security
 
Vinay Paudel: Optimizing and Speeding up a WordPress site
Vinay Paudel: Optimizing and Speeding up a WordPress siteVinay Paudel: Optimizing and Speeding up a WordPress site
Vinay Paudel: Optimizing and Speeding up a WordPress site
 
How to create a WordPress Site
How to create a WordPress Site How to create a WordPress Site
How to create a WordPress Site
 
Blog World 2010 - How to Keep Your Blog from Being Hacked
Blog World 2010 - How to Keep Your Blog from Being HackedBlog World 2010 - How to Keep Your Blog from Being Hacked
Blog World 2010 - How to Keep Your Blog from Being Hacked
 
How WordPress Sites Get Hacked
How WordPress Sites Get HackedHow WordPress Sites Get Hacked
How WordPress Sites Get Hacked
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
 
WordCamp 2015
WordCamp 2015WordCamp 2015
WordCamp 2015
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home Ownership
 
Presentation to SAIT Students - Dec 2013
Presentation to SAIT Students - Dec 2013Presentation to SAIT Students - Dec 2013
Presentation to SAIT Students - Dec 2013
 
Emergency WordPress Troubleshooting
Emergency WordPress TroubleshootingEmergency WordPress Troubleshooting
Emergency WordPress Troubleshooting
 
WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security Essentials
 
WCBos13 intermediate workshop
WCBos13 intermediate workshopWCBos13 intermediate workshop
WCBos13 intermediate workshop
 
WordPress Complete Tutorial
WordPress Complete TutorialWordPress Complete Tutorial
WordPress Complete Tutorial
 
Neo word press meetup ehermits - how to keep your blog from being hacked 2012
Neo word press meetup ehermits - how to keep your blog from being hacked 2012Neo word press meetup ehermits - how to keep your blog from being hacked 2012
Neo word press meetup ehermits - how to keep your blog from being hacked 2012
 
20 tips to Improving Your WordPress Site...for Beginners
20 tips to Improving Your WordPress Site...for Beginners20 tips to Improving Your WordPress Site...for Beginners
20 tips to Improving Your WordPress Site...for Beginners
 
Up and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web DesignUp and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web Design
 

Plus de Ivan Storck

Bower and Ruby on Rails
Bower and Ruby on RailsBower and Ruby on Rails
Bower and Ruby on RailsIvan Storck
 
Render Or Redirect?
Render Or Redirect?Render Or Redirect?
Render Or Redirect?Ivan Storck
 
Cucumber exercise slides
Cucumber exercise slidesCucumber exercise slides
Cucumber exercise slidesIvan Storck
 
Rails Request Response Lifecycle
Rails Request Response LifecycleRails Request Response Lifecycle
Rails Request Response LifecycleIvan Storck
 
Web Marketing at Business of Organics
Web Marketing at Business of OrganicsWeb Marketing at Business of Organics
Web Marketing at Business of OrganicsIvan Storck
 

Plus de Ivan Storck (9)

Testing intro
Testing introTesting intro
Testing intro
 
Bower and Ruby on Rails
Bower and Ruby on RailsBower and Ruby on Rails
Bower and Ruby on Rails
 
Render Or Redirect?
Render Or Redirect?Render Or Redirect?
Render Or Redirect?
 
Git
GitGit
Git
 
Cucumber exercise slides
Cucumber exercise slidesCucumber exercise slides
Cucumber exercise slides
 
Rails Request Response Lifecycle
Rails Request Response LifecycleRails Request Response Lifecycle
Rails Request Response Lifecycle
 
Ruby at UW C4C
Ruby at UW C4CRuby at UW C4C
Ruby at UW C4C
 
B O O 102107
B O O 102107B O O 102107
B O O 102107
 
Web Marketing at Business of Organics
Web Marketing at Business of OrganicsWeb Marketing at Business of Organics
Web Marketing at Business of Organics
 

Dernier

What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 

Dernier (20)

What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 

WordPress Security

  • 1. WordPress Security Four Steps to Protect Your Website
  • 2. Why Bother? • Hackers do illegal stuff with your site, and you may be liable. Phishing, Spam • Protect your hard-won SEO reputation • Protect yourself, your customers, and site visitors
  • 3. 4 Essential Steps 1. Backup 2. Protect / Tweak 3. Monitor 4. Analyze
  • 4. Backups - No excuses • Use the cPanel backup wizard weekly • Automate with DBC Backup • Backup to the cloud with WP S3 Backups • Schedule depends on amount of content
  • 5. Protect ✓ Ze’s Admin Update Notification http://wordpress.org/extend/plugins/zes-admin-update-notification/ ✓ Bulletproof Security http://wordpress.org/extend/plugins/bulletproof-security/ ✓ Hash Checker http://wordpress.org/extend/plugins/hashchecker/
  • 6. Protect ✓ TAC - Theme Authenticity Checker http://wordpress.org/extend/plugins/tac/ ✓ Limit Login Attempts http://wordpress.org/extend/plugins/login-lockdown/ ✓ Secure WordPress http://wordpress.org/extend/plugins/secure-wordpress/
  • 7. Tweak • File Permissions and location • command line: chmod 640 wp-config.php • Use cPanel File Manager • put wp-config.php one level above public_html (so it’s not publicly accessible) • Delete ‘admin’ user, use your own name • Change table prefix, something other than wp_ • Use phpMyAdmin in cPanel and this article: http://bit.ly/wp-prefix
  • 8. Monitor • You can visually inspect your page every day, but why not automate it?! • ChangeDetection.com - FREE • http://site24x7.com/monitor-webpage- defacement.html
  • 9. Analyze • Google Analyticator / Google Webmaster Tools • http://wordpress.org/extend/plugins/google-analyticator/ • Firefox User Agent Tool • https://addons.mozilla.org/en-US/firefox/addon/59/ • Safari: Develop Menu, User Agent: use one from http://www.useragentstring.com/ • Check log files for suspicious activity • cPanel - awstats
  • 10. Sustainable Websites • Take responsibility for their presence on the internet, their affect on people, and on the earth • Don’t waste energy with spam • Don’t waste people’s time with spam links • Don’t install malware on people’s computers
  • 11. SustainableWebsites.com • Secured cPanel servers • Easy backups • Automatic WordPress installation via Fantastico • Automatic notification of out-of-date scripts • Energy Efficient, Green Powered
  • 12. Credits & etc Photos used with permission by Creative Commons License: http://creativecommons.org/licenses/by/2.0/deed.en Playmobil: http://www.flickr.com/photos/nedrichards/56919158/ Wind turbines: iStockPhoto.com Thanks WordPress community! Ross Chapman, Luke Fretwell, Mani Sheriar, Maiya Holliday, more customers These slides may go out of date but the four steps have less likelihood of doing so. Even so, following these steps may not guarantee your site against hacking and there is no implied warrantee to the fitness of the information in this document for your unique setup. Stay up to date on security via more sources than just this slideshow. © Sustainable Websites LLC Creative Commons License http://SustainableWebsites.com/contact +1-888-755-8436 93 S Jackson St #58069 Seattle WA 98103

Notes de l'éditeur

  1. \n
  2. \n
  3. \n
  4. \n
  5. \n
  6. \n
  7. http://www.wptavern.com/top-5-wordpress-security-tips-you-most-likely-dont-follow\n
  8. \n
  9. Google Analytics is free and can tell you lots about what people are looking at on your site.\nGoogle Webmaster tools can alert you \n\n
  10. \n
  11. \n
  12. \n