Your SlideShare is downloading. ×
10 Ways to Secure WordPress
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

10 Ways to Secure WordPress

885
views

Published on

Learn 10 easy ways to make your WordPress site secure.

Learn 10 easy ways to make your WordPress site secure.

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
885
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
20
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • Transcript

    • 1. Fort Collins WordPress MeetupOctober 30, 2012
    • 2. Jeremy GreenWordPress Developer at Endo CreativeOrganizer of the Fort CollinsWordPress Meetup@greenhornet79endocreative.com
    • 3. 10 Ways toSecure WordPress
    • 4. What is a hack?Taking advantage of aknown weakness
    • 5. Why?• link spam• spam• spread malware/virus• criminal activity
    • 6. Is WordPress secure?• No such thing as 100% secure• Updated regularly to address security issues• Do your part
    • 7. Websites are a Responsibility• Easy, but complicated• You control how secure your site is• Ongoing attention and upkeep is a minimal requirement
    • 8. 1. Use Strong Passwords• Use password generators• Keep track using 1Password or LastPass• This includes site, database, FTP, etc.• strongpasswordgenerator.com
    • 9. 2. Update, Update, Update!• Keep WordPress up to date• Keep plugins up to date• Easy to do from the Dashboard
    • 10. 3. Solid Backup Plan• Backup before updating• Restore from backup if hacked• WPB2D, Backup Buddy, VaultPress
    • 11. 4. Don’t use “admin”• Gives hackers a leg up• Use a different username• Delete if it exists
    • 12. 5. Delete unused files• Delete unused themes• Delete unused plugins• Can be a security risk, even if deactivated
    • 13. 6. Limit permissions• Give users minimal required access• set file permissions at 644 and folders at 755• http://codex.wordpress.org/Changing_File_Permissions
    • 14. 7. Choose quality hosting• Don’t use cheap, shared hosting• Bluehost, DreamHost, Laughing Squid• WPEngine, ZippyKid• http://wordpress.org/hosting/
    • 15. 8. Change Table Prefix• Default is wp_• Use something unique
    • 16. 9. Access site through SFTP• FTP doesn’t encrypt data• Ask your host to setup SFTP• Hackers can’t sniff credentials
    • 17. 10. Check plugin stats• Number of downloads• When was it last updated• Plugin rating
    • 18. Resources• http://codex.wordpress.org/Hardening_WordPress• http://codex.wordpress.org/Changing_File_Permissions• http://blog.sucuri.net/• http://codex.wordpress.org/FAQ_My_site_was_hacked
    • 19. Resources• Sucuri.net• VaultPress• Backup Buddy• WordPress Backup to Dropbox• WPEngine• 1Password• LastPass• LoginLockdown
    • 20. Questions?