Your SlideShare is downloading. ×
  • Like
10 Ways to Secure WordPress
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

10 Ways to Secure WordPress

  • 854 views
Published

Learn 10 easy ways to make your WordPress site secure.

Learn 10 easy ways to make your WordPress site secure.

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
854
On SlideShare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
18
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n

Transcript

  • 1. Fort Collins WordPress MeetupOctober 30, 2012
  • 2. Jeremy GreenWordPress Developer at Endo CreativeOrganizer of the Fort CollinsWordPress Meetup@greenhornet79endocreative.com
  • 3. 10 Ways toSecure WordPress
  • 4. What is a hack?Taking advantage of aknown weakness
  • 5. Why?• link spam• spam• spread malware/virus• criminal activity
  • 6. Is WordPress secure?• No such thing as 100% secure• Updated regularly to address security issues• Do your part
  • 7. Websites are a Responsibility• Easy, but complicated• You control how secure your site is• Ongoing attention and upkeep is a minimal requirement
  • 8. 1. Use Strong Passwords• Use password generators• Keep track using 1Password or LastPass• This includes site, database, FTP, etc.• strongpasswordgenerator.com
  • 9. 2. Update, Update, Update!• Keep WordPress up to date• Keep plugins up to date• Easy to do from the Dashboard
  • 10. 3. Solid Backup Plan• Backup before updating• Restore from backup if hacked• WPB2D, Backup Buddy, VaultPress
  • 11. 4. Don’t use “admin”• Gives hackers a leg up• Use a different username• Delete if it exists
  • 12. 5. Delete unused files• Delete unused themes• Delete unused plugins• Can be a security risk, even if deactivated
  • 13. 6. Limit permissions• Give users minimal required access• set file permissions at 644 and folders at 755• http://codex.wordpress.org/Changing_File_Permissions
  • 14. 7. Choose quality hosting• Don’t use cheap, shared hosting• Bluehost, DreamHost, Laughing Squid• WPEngine, ZippyKid• http://wordpress.org/hosting/
  • 15. 8. Change Table Prefix• Default is wp_• Use something unique
  • 16. 9. Access site through SFTP• FTP doesn’t encrypt data• Ask your host to setup SFTP• Hackers can’t sniff credentials
  • 17. 10. Check plugin stats• Number of downloads• When was it last updated• Plugin rating
  • 18. Resources• http://codex.wordpress.org/Hardening_WordPress• http://codex.wordpress.org/Changing_File_Permissions• http://blog.sucuri.net/• http://codex.wordpress.org/FAQ_My_site_was_hacked
  • 19. Resources• Sucuri.net• VaultPress• Backup Buddy• WordPress Backup to Dropbox• WPEngine• 1Password• LastPass• LoginLockdown
  • 20. Questions?