Your SlideShare is downloading. ×

10 Ways to Secure WordPress

909

Published on

Learn 10 easy ways to make your WordPress site secure.

Learn 10 easy ways to make your WordPress site secure.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
909
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
20
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • Transcript

    • 1. Fort Collins WordPress MeetupOctober 30, 2012
    • 2. Jeremy GreenWordPress Developer at Endo CreativeOrganizer of the Fort CollinsWordPress Meetup@greenhornet79endocreative.com
    • 3. 10 Ways toSecure WordPress
    • 4. What is a hack?Taking advantage of aknown weakness
    • 5. Why?• link spam• spam• spread malware/virus• criminal activity
    • 6. Is WordPress secure?• No such thing as 100% secure• Updated regularly to address security issues• Do your part
    • 7. Websites are a Responsibility• Easy, but complicated• You control how secure your site is• Ongoing attention and upkeep is a minimal requirement
    • 8. 1. Use Strong Passwords• Use password generators• Keep track using 1Password or LastPass• This includes site, database, FTP, etc.• strongpasswordgenerator.com
    • 9. 2. Update, Update, Update!• Keep WordPress up to date• Keep plugins up to date• Easy to do from the Dashboard
    • 10. 3. Solid Backup Plan• Backup before updating• Restore from backup if hacked• WPB2D, Backup Buddy, VaultPress
    • 11. 4. Don’t use “admin”• Gives hackers a leg up• Use a different username• Delete if it exists
    • 12. 5. Delete unused files• Delete unused themes• Delete unused plugins• Can be a security risk, even if deactivated
    • 13. 6. Limit permissions• Give users minimal required access• set file permissions at 644 and folders at 755• http://codex.wordpress.org/Changing_File_Permissions
    • 14. 7. Choose quality hosting• Don’t use cheap, shared hosting• Bluehost, DreamHost, Laughing Squid• WPEngine, ZippyKid• http://wordpress.org/hosting/
    • 15. 8. Change Table Prefix• Default is wp_• Use something unique
    • 16. 9. Access site through SFTP• FTP doesn’t encrypt data• Ask your host to setup SFTP• Hackers can’t sniff credentials
    • 17. 10. Check plugin stats• Number of downloads• When was it last updated• Plugin rating
    • 18. Resources• http://codex.wordpress.org/Hardening_WordPress• http://codex.wordpress.org/Changing_File_Permissions• http://blog.sucuri.net/• http://codex.wordpress.org/FAQ_My_site_was_hacked
    • 19. Resources• Sucuri.net• VaultPress• Backup Buddy• WordPress Backup to Dropbox• WPEngine• 1Password• LastPass• LoginLockdown
    • 20. Questions?

    ×