
A 15-minute introduction to making your WordPress install more secure, and so leverage your efforts in building a great community.


Transcript

  • 1. Reno Tahoe WordCamp 2010 WordPress Security Blitz!
  • 2. Why? Content, freshness, SEO, networking, design, stability, functionality, performance, scaling...
  • 3. Why? Content, freshness, SEO, networking, design, stability, functionality, performance, scaling... ...and now security, too?
  • 4. Why? ...can't we all just get along?
  • 5. Why? To leverage your efforts building a thriving community!
  • 6. Strategy A little bit of effort, some discipline, and LOTS of common sense
  • 22. Basic Security
    • Pick a hoster wisely
    • Split domain and hosting
    • Back up (and back up again!)
    • Keep WP, plugins up-to-date
    • Move wp-config.php up/out
    • File permissions (755/644)
  • 43. Basic Security
    • .htaccess to restrict wp-admin
    • Regularly check server logs
    • Post-Logger (vi-logger.php)
    • DB table prefix: not “wp_”
    • No user “admin”
    • Use strong passwords!
  • 64. Plugins to consider:
    • Akismet
    • Bad Behavior
    • http:BL (Project Honey Pot)
    • WP Security Scan
    • AntiVirus
    • ...but don't go wild on plugins!
  • 85. Also...
    • Check on your back-ups! (Do they really work?)
    • Check on your DB (e.g. drop old tables, optimize... Clean Options plugin)
    • Security audits (e.g. Acunetix)
    • Your own computer
    • Use a staging server to test
    • External (e.g. CloudFlare)
  • 91. And finally... Support developers and designers!
  • 92. Questions?
  • 93. Contact information Álvaro Degives-Más: Alvaro at RenoLanguages.com
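
Three of the on-disk items from the Basic Security slides (755/644 permissions, wp-config.php moved out of the web root, a table prefix other than “wp_”) can be checked with a short script. This is an added example, not part of the original deck; the function names and report labels are its own, and it assumes a moved wp-config.php sits one directory above the web root, the other location WordPress itself checks.

```shell
#!/bin/sh
# Added example: on-disk audit of three "Basic Security" checklist items.
# Function names and report labels are this example's own (hypothetical).

# Directories that are not mode 755 and files that are not mode 644.
wp_bad_perms() {
    find "$1" -type d ! -perm 755 -print
    find "$1" -type f ! -perm 644 -print
}

# Locate wp-config.php: in the web root, or one directory above it
# (assumed location of a moved config; WordPress also looks there).
wp_find_config() {
    if [ -f "$1/wp-config.php" ]; then
        printf '%s\n' "$1/wp-config.php"
    elif [ -f "$1/../wp-config.php" ]; then
        printf '%s\n' "$1/../wp-config.php"
    else
        return 1
    fi
}

# Value assigned to $table_prefix in the given wp-config.php.
wp_table_prefix() {
    sed -n 's/^[[:space:]]*[$]table_prefix[[:space:]]*=[[:space:]]*.\([A-Za-z0-9_]*\).*/\1/p' "$1" | head -n 1
}

# Print one finding per line; return 1 if there is any finding.
wp_audit() {
    report=$(
        wp_bad_perms "$1" | sed 's/^/PERMS /'
        if cfg=$(wp_find_config "$1"); then
            if [ "$cfg" = "$1/wp-config.php" ]; then
                echo "CONFIG wp-config.php is inside the web root"
            fi
            if [ "$(wp_table_prefix "$cfg")" = "wp_" ]; then
                echo "PREFIX table prefix is the default wp_"
            fi
        else
            echo "CONFIG wp-config.php not found"
        fi
    )
    if [ -n "$report" ]; then
        printf '%s\n' "$report"
        return 1
    fi
}

# Usage: sh wp_audit.sh /path/to/webroot
[ "$#" -eq 0 ] || wp_audit "$1"
```

Run it from cron after each update and treat any output as a reason to look before visitors do.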