WordPress is my favorite computer asset, but it's very vulnerable to attack from the bad clowns ;-) This presentation from WordCamp Atlanta 2012 is my system of handling WordPress security without getting too geeky.
1. Don’t Hack Me Bro’!
Simple Backup & Security for WordPress
This Presentation, more info and
links, can be found at:
www.SaferPress.com
Randy Barnes
@rbarnesdotcom
www.rbarnes.com
linkedin.rbarnes.com
5. PHP: Hypertext Preprocessor
made more sense originally as:
"Personal Home Page"
• allows dynamically generated
pages
• server-side scripting language
• embedded into an HTML document
12. WordPress disaster recovery
• very expensive problem
• very high-level skill need for rebuilding
a hacked blog
• deal with it in advance and the process
is far easier
29. Tip #1: Change your Admin username
1. use phpMyAdmin in your host account cPanel
to edit the fields in the 'admin' account, or..
2. make a new admin user in your WP dashboard,
and then delete the existing 'admin' user
42. Change your locks!
replace the security keys
with new code
• open the wp-config.php file in a text or code
editor
• copy/paste new keys generated at:
https://api.wordpress.org/secret-key/1.1/salt
47. This is minor surgery, and you
may feel some pressure ;-)
• Use phpMyAdmin from your host account
cPanel
• Text /Code Editor:
• go slow and follow a few simple steps..
57. Get it All - Get it Right
backup your WP database
• automate it - daily: slow time of day
• Get all the parts
Check your table for new additions (some plugins or themes
may add new tables that need to be selected and included in
the backup]
• email it [to your gmail account]