WordPress Security<br />Carole Bonds<br />AgentEvolution<br />carole@agentevolution.com<br />
Why do I need to secure my site?<br />WordPress is a popular target for hackers<br />A hacked site is inaccessible<br />A ...
Securing Your Site (Beginners)<br />Keep WordPress& plugins updated<br />Caution: Turn off all plugins before updating Wor...
Securing Your Site (Beginners)<br />Add Security Plugins:<br />Login Lockdown<br />Secure WordPress<br />WP-Security Scan<...
Securing Your Site (Intermediate)<br />Change the wp_ table prefix<br />http://www.seoegghead.com/software/wordpress-table...
Securing Your Site (Advanced)<br />Disable directory views with .htaccess file<br />Options –Indexes<br />Verify and fix f...
Backing Up Your Site<br />Manual Backups<br />Download theme<br />Download plugins folder<br />Download uploads folder<br ...
Backing Up Your Site<br />Automated cPanel Backups<br />Yourdomainname.com/cpanel<br />Files->Backup Wizard<br />Automated...
Wordpress Database Backup (database only)
Automatic Wordpress Backup (content & database to S3) http://aws.amazon.com/s3/
BackupBuddy(premium plugin - content & database)</li></li></ul><li>Restoring Your Site<br />Manual Restore<br />Delete old...
Upcoming SlideShare
Loading in …5
×

Wordpress Security

1,105 views

Published on

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,105
On SlideShare
0
From Embeds
0
Number of Embeds
51
Actions
Shares
0
Downloads
10
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • GoDaddy aka SlowDaddyMediaTemple
  • WP-Table Renamer (single php file)
  • WP Security Scan to check Permissions.WordPress files should be 644. WordPress directories (the folders themselves) should 755. No file or directory should be given 777 permission.Unix/Linux Server Roles: User, Group, World0 --- no permission 1 --x execute2 -w- write 3 -wx write and execute 4 r-- read 5 r-x read and execute 6 rw- read and write 7 rwx read, write and execute
  • Wordpress Security

    1. 1. WordPress Security<br />Carole Bonds<br />AgentEvolution<br />carole@agentevolution.com<br />
    2. 2. Why do I need to secure my site?<br />WordPress is a popular target for hackers<br />A hacked site is inaccessible<br />A hacked site redirects to malware<br />A hacked site is expensive and time-consuming to clean<br />
    3. 3. Securing Your Site (Beginners)<br />Keep WordPress& plugins updated<br />Caution: Turn off all plugins before updating WordPress<br />Remove inactive and outdated plugins<br />Activate Akismet to stop spam<br />Choose the right hosting provider<br />
    4. 4. Securing Your Site (Beginners)<br />Add Security Plugins:<br />Login Lockdown<br />Secure WordPress<br />WP-Security Scan<br />Ultimate Security Check<br />WP-File Monitor<br />Exploit Scanner<br />Maximum Security Plugin<br />WP-Malwatch<br />WordPressAntiVirus<br />
    5. 5. Securing Your Site (Intermediate)<br />Change the wp_ table prefix<br />http://www.seoegghead.com/software/wordpress-table-rename.seo<br />Disable anonymous ftp in cPanel<br />Change “admin” name in wp_userstable using phpMyAdmin<br />Move your .htaccess file to wp-admin directory<br />Delete the wp-admin/install.php<br />Delete the readme.html<br />
    6. 6. Securing Your Site (Advanced)<br />Disable directory views with .htaccess file<br />Options –Indexes<br />Verify and fix file/folder permissions<br />Add secret keys to wp-config.php<br />http://api.wordpress.org/secret-key/1.1/<br />
    7. 7. Backing Up Your Site<br />Manual Backups<br />Download theme<br />Download plugins folder<br />Download uploads folder<br />Download wp-config.php <br />Export database sqlfile using phpMyAdmin<br />
    8. 8. Backing Up Your Site<br />Automated cPanel Backups<br />Yourdomainname.com/cpanel<br />Files->Backup Wizard<br />Automated Backups using Plugins<br /><ul><li>WP-DBManager (content & database)
    9. 9. Wordpress Database Backup (database only)
    10. 10. Automatic Wordpress Backup (content & database to S3) http://aws.amazon.com/s3/
    11. 11. BackupBuddy(premium plugin - content & database)</li></li></ul><li>Restoring Your Site<br />Manual Restore<br />Delete old WordPress files & directories (do not uninstall)<br />Upload new WordPress files from fresh WP zip file (do not install, just upload)<br />Upload your theme backup<br />Upload pluginsfolder backup<br />Upload uploads folder backup<br />Upload wp-config.php backup <br />Delete old tables in database but keep the database, then import backup sql file using phpMyAdmin<br />
    12. 12. Restoring Your Site<br />Automated cPanel Restore<br />cPanelFilesBackupsRestore<br />Automated Restore using Plugins<br /><ul><li>WP-DBManager (database restore)
    13. 13. Automatic WordPress Backup (content & database restore)
    14. 14. BackupBuddy (content & database restore)</li></li></ul><li>Happy Blogging With WordPress<br />Now that your site is secure and backed up, you can relax and enjoy your site.<br />Carole Bonds<br />AgentEvolution<br />carole@agentevolution.com<br />

    ×