WordPress Security & Backup

WordPress is my favorite computer asset, but it's very vulnerable to attack from the bad clowns ;-) This presentation from WordCamp Atlanta 2012 is my system of handling WordPress security without getting too geeky.

Published in: Technology

Transcript

  • 1. Don’t Hack Me Bro’! Simple Backup & Security for WordPress. This presentation, more info and links, can be found at: www.SaferPress.com. Randy Barnes, @rbarnesdotcom, www.rbarnes.com, linkedin.rbarnes.com
  • 2. I Love WordPress
  • 3. I Love WordPress too!
  • 4. WordPress is an OPEN SOURCE Content Management System (CMS) powered by PHP and MySQL !! ??
  • 5. PHP: Hypertext Preprocessor made more sense originally as: "Personal Home Page" • allows dynamically generated pages • server-side scripting language • embedded into an HTML document
  • 6. MySQL - RDBMS: Structured Query Language, Relational Database Management System
  • 7. Apache HTTP Server: running ~66% of the web, over 100 Million web sites
  • 8. Linux, Unix-like Operating System. Leading Server Operating System in the world! Runs 90% of Supercomputers!
  • 9. Free - Open Source • Community of Developers • FREE - Huge numbers in use • Not so user-friendly • FREE • Hackers Brier Patch
  • 10. Protect your investment • time • energy • money • reputation
  • 11. WordPress disaster recovery • very expensive problem • very high-level skill needed for rebuilding a hacked blog • deal with it in advance and the process is far easier
  • 12. A Real World Example
  • 13. Run this on your site in Google: site:yourdomain
  • 14. OMG!
  • 15. START HERE
  • 16. Spam Comments - Plugin - Akismet: need API Key - get at wordpress.com
  • 17. Only ~3,000 total visits. And 10,500+ spam comments!
  • 18. !!! Update UPDATE Update !!! WordPress core -> Theme update -> Plugins update
  • 19. Hackers only need 2 pieces of info to take control of your blog. Don't give them the 1st one!
  • 20. B| %{ua6+M%~
  • 21. Tip #2: Use A Strong Password: http://strongpasswordgenerator.com/ d2]8pTkYr=.x
  • 22. Tip #1: Change your Admin username: 1. use phpMyAdmin in your host account cPanel to edit the fields in the admin account, or... 2. make a new admin user in your WP dashboard, and then delete the existing admin user
  • 23. How to video at youtube.com/help4wp
  • 24. Three Strikes & You're Out! Limit the number of login attempts with a useful plugin
  • 25. Congratulations: Level 1 Security achieved
  • 26. You want more?
  • 27. automated installers will put the same security keys in every blog, and all use the same table prefix "wp_"
  • 28. Change your locks! Replace the security keys with new code • open the wp-config.php file in a text or code editor • copy/paste new keys generated at: https://api.wordpress.org/secret-key/1.1/salt
  • 29. Next: change the table prefix. Your WordPress table prefix default is wp_, wp1_, wp2_, etc.
  • 30. That wp_ table prefix is rotten, and has to go.
  • 31. This is minor surgery, and you may feel some pressure ;-) • Use phpMyAdmin from your host account cPanel • Text/Code Editor • go slow and follow a few simple steps
  • 32. Hope for the best, Plan for the worst!
  • 33. Backup your blog
  • 34. WP-DB-Backup
  • 35. Get it All - Get it Right: backup your WP database • automate it - daily: slow time of day • Get all the parts: check your table for new additions (some plugins or themes may add new tables that need to be selected and included in the backup) • email it [to your gmail account]
  • 36. also: Watch Those Files. wp-File monitor plugin: http://wordpress.org/extend/plugins/wordpress-file-monitor/
  • 37. more security strategies • blank .html files • custom .htaccess files • limit access to your IP address • securing the folders with additional passwords • more plugins
  • 38. Introducing... Manage your Assets Security System
  • 39. Introducing... Manage your Assets Security System: MyASS
  • 40. Manage Your Assets Security System: 1. Install WordPress Correctly 2. Cook your Spam 3. Kill your Admin 4. Strong Password 5. Updates as available 6. Limit Login Attempts 7. Change Table Prefix & Keys 8. Backup Database 9. Backup File Structure 10. Relax & Blog
  • 41. Happiness is a secure WordPress Blog. I'm a blogger! Enjoy Atlanta!
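
An added example, not part of the original slides: a Python check for the condition slides 27 to 30 describe, run over the wp-config.php files of several blogs you manage. It flags security keys left at the wp-config-sample.php placeholder, keys shared between blogs, and table prefixes of the form wp_, wp1_, wp2_. The site labels, sample values and function names are constructed for illustration.

```python
import re

# The eight secret constants WordPress reads from wp-config.php.
SECRET_NAMES = ("AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
                "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT")
PLACEHOLDER = "put your unique phrase here"  # value in wp-config-sample.php
# Only uncommented lines: define( 'NAME', 'value' ); and $table_prefix = '...';
DEFINE_RE = re.compile(
    r"""^\s*define\(\s*['"](\w+)['"]\s*,\s*(['"])(.*?)\2\s*\)\s*;""", re.M)
PREFIX_RE = re.compile(r"""^\s*\$table_prefix\s*=\s*(['"])(.*?)\1\s*;""", re.M)

def parse(text):
    """Return ({secret name: value}, table prefix or None) for one config."""
    secrets = {n: v for n, _, v in DEFINE_RE.findall(text) if n in SECRET_NAMES}
    match = PREFIX_RE.search(text)
    return secrets, (match.group(2) if match else None)

def audit(configs):
    """configs maps a site label to its wp-config.php text; returns findings."""
    findings, owner = [], {}
    for site, text in configs.items():
        secrets, prefix = parse(text)
        for name in SECRET_NAMES:
            value = secrets.get(name)
            if value is None:
                findings.append(f"{site}: {name} missing")
            elif value == PLACEHOLDER:
                findings.append(f"{site}: {name} is the sample placeholder")
            elif owner.setdefault(value, site) != site:
                findings.append(f"{site}: {name} reused from {owner[value]}")
        if prefix is None:
            findings.append(f"{site}: table prefix not found")
        elif re.fullmatch(r"wp\d*_", prefix):
            findings.append(f"{site}: table prefix {prefix!r} is an installer default")
    return findings

def sample_config(values, prefix):
    """Build a constructed wp-config.php fragment (demo input, not real keys)."""
    lines = [f"define( '{n}', '{v}' );" for n, v in values.items()]
    return "<?php\n" + "\n".join(lines) + f"\n$table_prefix = '{prefix}';\n"

unique = {n: f"constructed-value-{i}-not-a-real-key" for i, n in enumerate(SECRET_NAMES)}
SAMPLES = {  # constructed: untouched sample, hardened site, clone of the hardened site
    "blog-a": sample_config(dict.fromkeys(SECRET_NAMES, PLACEHOLDER), "wp_"),
    "blog-b": sample_config(unique, "x7q_"),
    "blog-c": sample_config(unique, "wp2_"),
}
if __name__ == "__main__":
    print("\n".join(audit(SAMPLES)))
```

On real sites, pass `audit` a dict of label to file contents read from each blog's wp-config.php; a "reused" finding means two blogs would share one set of keys.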
