Ce diaporama a bien été signalé.
Le téléchargement de votre SlideShare est en cours. ×

WordPress Plugin Security

5 jan. 2023
0 j’aime 61 vues
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Prochain SlideShare
Preventing Common Security Vulnerabilities
Preventing Common Security Vulnerabilities
Chargement dans…3
×

Consultez-les par la suite

Developing Blocks without React - Controls.pptx
Jonathan Bossenger
Global Styles Variations in Block Themes.pptx
Jonathan Bossenger
Developing Blocks without React - Part 1
Jonathan Bossenger
Creating Custom Templates and Template Parts
Jonathan Bossenger
Let's code! What Happens When You Make Theme Changes
Jonathan Bossenger
Let's code! Creating your Primary Templates in the Editor.pptx
Jonathan Bossenger
Let's code_ WP REST API - custom routes and endpoints.pptx
Jonathan Bossenger
Developing Blocks without React - Part 2.pptx
Jonathan Bossenger
1 sur 9 Publicité

WordPress Plugin Security

5 jan. 2023
0 j’aime 61 vues

Télécharger pour lire hors ligne

Technologie

In this online workshop, we'll be looking at one of the most vital but overlooked aspects of developing plugins for WordPress, and that's ensuring your plugin's code is secure!

We will look at why this is important and learn how to implement a security-first mindset as you add functionality to your plugins, using real-world examples.

In this online workshop, we'll be looking at one of the most vital but overlooked aspects of developing plugins for WordPress, and that's ensuring your plugin's code is secure!

We will look at why this is important and learn how to implement a security-first mindset as you add functionality to your plugins, using real-world examples.

Technologie
Publicité

Suggestions

Preventing Common Security Vulnerabilities
Jonathan Bossenger
20 vues
9 diapositives
Developing Blocks without React - Block Supports.pptx
Jonathan Bossenger
23 vues
9 diapositives
Interacting with the WP REST API
Jonathan Bossenger
57 vues
9 diapositives
Using the WP REST API
Jonathan Bossenger
60 vues
9 diapositives
Let's code: extending the WP REST API - modifying responses
Jonathan Bossenger
51 vues
9 diapositives
Help test WordPress - developer edition
Jonathan Bossenger
25 vues
9 diapositives
Let's code! Converting a Shortcode into a Block
Jonathan Bossenger
16 vues
10 diapositives
Using Block Patterns in your Block Theme.pptx
Jonathan Bossenger
19 vues
10 diapositives
Publicité

Plus De Contenu Connexe

Similaire à WordPress Plugin Security (12)

Developing Blocks without React - Controls.pptx
Jonathan Bossenger
22 vues
Global Styles Variations in Block Themes.pptx
Jonathan Bossenger
24 vues
Developing Blocks without React - Part 1
Jonathan Bossenger
72 vues
Creating Custom Templates and Template Parts
Jonathan Bossenger
73 vues
Let's code! What Happens When You Make Theme Changes
Jonathan Bossenger
16 vues
Let's code! Creating your Primary Templates in the Editor.pptx
Jonathan Bossenger
65 vues
Let's code_ WP REST API - custom routes and endpoints.pptx
Jonathan Bossenger
35 vues
Developing Blocks without React - Part 2.pptx
Jonathan Bossenger
16 vues
Developing Blocks without React - Attributes.pptx
Jonathan Bossenger
28 vues
Developing Blocks without React - Part 2
Jonathan Bossenger
17 vues
Let's code! Diving into theme.json
Jonathan Bossenger
67 vues
Using Create Block Theme
Jonathan Bossenger
28 vues
Developing Blocks without React - Controls.pptx
Jonathan Bossenger
22 vues
11 diapositives
Global Styles Variations in Block Themes.pptx
Jonathan Bossenger
24 vues
10 diapositives
Developing Blocks without React - Part 1
Jonathan Bossenger
72 vues
12 diapositives
Creating Custom Templates and Template Parts
Jonathan Bossenger
73 vues
11 diapositives
Let's code! What Happens When You Make Theme Changes
Jonathan Bossenger
16 vues
9 diapositives
Let's code! Creating your Primary Templates in the Editor.pptx
Jonathan Bossenger
65 vues
9 diapositives

Plus par Jonathan Bossenger (13)

Let's code: developing WordPress User Roles and Capabilities
Jonathan Bossenger
13 vues
Interacting with the WordPress REST API
Jonathan Bossenger
28 vues
Using the WordPress REST API
Jonathan Bossenger
18 vues
Introduction to securely developing plugins
Jonathan Bossenger
18 vues
theme.json in classic themes.pptx
Jonathan Bossenger
15 vues
Introduction to theme.json
Jonathan Bossenger
16 vues
Create Block Theme - Fonts
Jonathan Bossenger
12 vues
WordPress theme template tour
Jonathan Bossenger
22 vues
Create Block Theme Part 1.pptx
Jonathan Bossenger
15 vues
Using Block Template Parts in Classic Themes.pptx
Jonathan Bossenger
12 vues
The WordPress Template Hierarchy.pptx
Jonathan Bossenger
10 vues
Using Block Attributes to Enable User Editing
Jonathan Bossenger
13 vues
Styling your WordPress Blocks
Jonathan Bossenger
21 vues
Let's code: developing WordPress User Roles and Capabilities
Jonathan Bossenger
13 vues
9 diapositives
Interacting with the WordPress REST API
Jonathan Bossenger
28 vues
3 diapositives
Using the WordPress REST API
Jonathan Bossenger
18 vues
4 diapositives
Introduction to securely developing plugins
Jonathan Bossenger
18 vues
5 diapositives
theme.json in classic themes.pptx
Jonathan Bossenger
15 vues
3 diapositives
Introduction to theme.json
Jonathan Bossenger
16 vues
3 diapositives
Publicité

Plus récents (20)

Fuel Additives, Lecture 02, Fuel Tech-ll.pdf
ShakeelAhmad816993
0 vues
EyeWay Vision
Boris Greenberg
0 vues
Fractional Distillaton, Lecture 01, Fuel Tech-ll.pptx
ShakeelAhmad816993
0 vues
History and evolution of chatGPT.docx
KhushbuChaurasiya3
0 vues
Working with data using Azure Functions.pdf
Stephanie Locke
0 vues
Detailed large-scale real-time HYPERSIM EMT simulation for transient stabilit...
OPAL-RT TECHNOLOGIES
0 vues
ALTERNATIVE FUELS- Boidiesel- Lecture 6-7.pptx
ShakeelAhmad816993
0 vues
Technology Environment
Sahil Madhuwalia
0 vues
Cisco CCNA ITN (Introduction to Networks) - Certification
Mohamed Haathim Sharfraz
0 vues
Servo Stabilizer
Akil Siddiqui
0 vues
1_AAU_need_for_autonomy_presented_to_AAU_Board_28_march_2021.pptx
hawariyaabel
0 vues
Fuel Energizer, Lecture 04, Fuel Technology, (Week 08).pptx
ShakeelAhmad816993
0 vues
Plant Based Water.pdf
RushiDalve
0 vues
"Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko
Fwdays
0 vues
Antenna Inventor.pptx
Jâwêrîâ Sûbhâñî Ràjpôôt I I
0 vues
CSC437-Fall2013-Module-7-Firewalls-IDS.pdf
ssuser1f1964
0 vues
Untangling the Grid: 201
Kerim Baran
0 vues
Energy from Waste, Lecture 09, Fuel Technology2, (Week 11).pptx
ShakeelAhmad816993
0 vues
Microsoft Azure Fundamentals (AZ-900)
Mohamed Haathim Sharfraz
0 vues
Ethanol production, Lecture 07, Fuel Technology2.pptx
ShakeelAhmad816993
0 vues
Fuel Additives, Lecture 02, Fuel Tech-ll.pdf
ShakeelAhmad816993
0 vues
15 diapositives
EyeWay Vision
Boris Greenberg
0 vues
43 diapositives
Fractional Distillaton, Lecture 01, Fuel Tech-ll.pptx
ShakeelAhmad816993
0 vues
13 diapositives
History and evolution of chatGPT.docx
KhushbuChaurasiya3
0 vues
3 diapositives
Working with data using Azure Functions.pdf
Stephanie Locke
0 vues
31 diapositives
Detailed large-scale real-time HYPERSIM EMT simulation for transient stabilit...
OPAL-RT TECHNOLOGIES
0 vues
32 diapositives

WordPress Plugin Security

  1. 1. Jonathan Bossenger Let’s Code Learn.WordPress.org WordPress plugin security
  2. 2. 2 👋🏽 Welcome! As you join, please make sure you have your local development environment ready: • A local WordPress installation • A code editor like VSCode or Sublime • An insecure plugin • https://github.com/jonathanbossenger/wp- learn-plugin- security/releases/download/1.0.0/wp-learn- plugin-security.1.0.0.zip Then, let everyone know in the chat where you’re joining us from… Hello! ○ My name is Jonathan Bossenger ○ From Cape Town, South Africa ○ Ex-developer turned code instructor ○ Sponsored contributor at Automattic ○ @jon_bossenger in Twitter
  3. 3. Learn.WordPress.org Let's code! WordPress Plugin Security Jonathan Bossenger
  4. 4. Announcements ○ Welcome, and Happy New Year! ○ Thanks to Thelma for co-hosting! ○ We are presenting in focus mode, but please feel free to enable your video. ○ You are welcome to ask questions. ○ You are welcome to post questions in the chat, or unmute to ask questions.
  5. 5. Announcements ○ Make sure your local install is ready ○ https://github.com/jonathanbossenger/wp-learn-plugin- security/releases/download/1.0.0/wp-learn-plugin-security.1.0.0.zip ○ If I am going too fast, please let me know! ○ We will be posting this session to https://wordpress.tv/ afterwards ○ For more WordPress focused content please visit https://learn.wordpress.org/
  6. 6. Learning Outcomes 1. All about plugin security • Sanitizing inputs • Data validation • Escaping outputs • Preventing invalid requests • Preventing unauthenticated users
  7. 7. Objectives 1 1. Setup and review the insecure plugin 2. Sanitize any incoming data 3. Validate any incoming data 4. Escape any data being rendered to the browser 5. Secure any form submissions or Ajax requests 6. Ensure any admin actions can only be performed by an admin 7
  8. 8. 8 Let’s code.
  9. 9. Resources ○ https://github.com/jonathanbossenger/wp-learn-plugin-security/releases/download/1.0.0/wp-learn- plugin-security.1.0.0.zip ○ https://developer.wordpress.org/plugins/security/ ○ https://developer.wordpress.org/apis/security/

Notes de l'éditeur

  • TITLE SLIDE: Make a copy of this presentation to your Google Drive, and edit to replace with your details.

×