WordPress security
Upcoming SlideShare
Loading in...5
×
 

WordPress security

on

  • 722 views

An introduction to WordPress Security

An introduction to WordPress Security

Statistics

Views

Total Views
722
Views on SlideShare
722
Embed Views
0

Actions

Likes
0
Downloads
8
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

WordPress security WordPress security Presentation Transcript

  • blogVAULThttp://blogvault.net
  • WordPress Security Akshat Choudhary Founder, blogVault blogVAULT
  • Why?Sites get Hacked! blogVAULT
  • Why will some one hack a Site? Fun and Profit blogVAULT
  • Fun: Because they can blogVAULT
  • Profit: To make moneySEOAffiliate ScamRedirect to a different sitePolitical defacementUse host for hacks blogVAULT
  • How?Vulnerabilities! blogVAULT
  • Where?Wordpress Core Plugins Themes blogVAULT
  • How do I know if I have been hacked? blogVAULT
  • Browser warning blogVAULT
  • Google Search Warning blogVAULT
  • Sucuri SiteCheck - Free Tool blogVAULT
  • Inspect FileshtaccessJavascript FilesUnknown PHP filesExisting PHP files blogVAULT
  • What to do when my site gets hacked? blogVAULT
  • Recover from Backup Most reliable method blogVAULT
  • Use SucuriNot foolproof, costs money blogVAULT
  • Talk to an expertDifficult Job. Dont take lightly. blogVAULT
  • Change Password blogVAULT
  • Change Authentication keys Removes existing sessions. blogVAULT
  • Prevention is better than Cure blogVAULT
  • Update Wordpress / Plugins / Themes blogVAULT
  • Change Database Prefix Prevent SQL Injection attacks blogVAULT
  • Disable File Editordefine(DISALLOW_FILE_EDIT, true); blogVAULT
  • Make Folders / Files Readonly blogVAULT
  • Prevent File ExecutionAddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi blogVAULT
  • Use SSL / Google Authenticator blogVAULT
  • Set Authentication Keysdefine(AUTH_KEY, put your unique phrase here);define(SECURE_AUTH_KEY, put your unique phrase here);define(LOGGED_IN_KEY, put your unique phrase here);define(NONCE_KEY, put your unique phrase here);define(AUTH_SALT, put your unique phrase here);define(SECURE_AUTH_SALT, put your unique phrase here);define(LOGGED_IN_SALT, put your unique phrase here);define(NONCE_SALT, put your unique phrase here); blogVAULT
  • Security by Obscurityremove admin user / hide wordpress version / ... blogVAULT
  • Automatic Backups e.g. use blogVAULT blogVAULT
  • What makes a good backup solution?Complete - Database + FilesOffsite - Local backup is as good as noneRegular BackupHistory of backupTest the RestoreSecure Backup blogVAULT
  • Thank you blogVAULT http://blogvault.net We are Hiring!