WordPress Security      Four Steps to Protect Your Website
Why Bother?• Hackers do illegal stuff with your site, and  you may be liable. Phishing, Spam• Protect your hard-won SEO re...
4 Essential Steps  1.   Backup  2.   Protect / Tweak  3.   Monitor  4.   Analyze
Backups - No excuses •   Use the cPanel backup wizard weekly •   Automate with DBC Backup •   Backup to the cloud with WP ...
Protect✓   Ze’s Admin Update Notification         http://wordpress.org/extend/plugins/zes-admin-update-notification/✓   Bull...
Protect✓   TAC - Theme Authenticity Checker        http://wordpress.org/extend/plugins/tac/✓   Limit Login Attempts       ...
Tweak• File Permissions and location  •   command line: chmod 640 wp-config.php  •   Use cPanel File Manager  •   put wp-co...
Monitor• You can visually inspect your page every  day, but why not automate it?!• ChangeDetection.com - FREE• http://site...
Analyze• Google Analyticator / Google Webmaster      Tools  •    http://wordpress.org/extend/plugins/google-analyticator/•...
Sustainable Websites• Take responsibility for their presence on  the internet, their affect on people, and on  the earth• ...
SustainableWebsites.com • Secured cPanel servers • Easy backups • Automatic WordPress installation via   Fantastico • Auto...
Credits & etcPhotos used with permission by Creative Commons License:http://creativecommons.org/licenses/by/2.0/deed.enPla...
Upcoming SlideShare
Loading in …5
×

WordPress Security

1,501 views
1,464 views

Published on

WordPress Security is important! An ounce of prevention is worth a pound of cure. Learn four critical steps to protect your WordPress web site.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,501
On SlideShare
0
From Embeds
0
Number of Embeds
445
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • http://www.wptavern.com/top-5-wordpress-security-tips-you-most-likely-dont-follow\n
  • \n
  • Google Analytics is free and can tell you lots about what people are looking at on your site.\nGoogle Webmaster tools can alert you \n\n
  • \n
  • \n
  • \n
  • WordPress Security

    1. 1. WordPress Security Four Steps to Protect Your Website
    2. 2. Why Bother?• Hackers do illegal stuff with your site, and you may be liable. Phishing, Spam• Protect your hard-won SEO reputation• Protect yourself, your customers, and site visitors
    3. 3. 4 Essential Steps 1. Backup 2. Protect / Tweak 3. Monitor 4. Analyze
    4. 4. Backups - No excuses • Use the cPanel backup wizard weekly • Automate with DBC Backup • Backup to the cloud with WP S3 Backups • Schedule depends on amount of content
    5. 5. Protect✓ Ze’s Admin Update Notification http://wordpress.org/extend/plugins/zes-admin-update-notification/✓ Bulletproof Security http://wordpress.org/extend/plugins/bulletproof-security/✓ Hash Checker http://wordpress.org/extend/plugins/hashchecker/
    6. 6. Protect✓ TAC - Theme Authenticity Checker http://wordpress.org/extend/plugins/tac/✓ Limit Login Attempts http://wordpress.org/extend/plugins/login-lockdown/✓ Secure WordPress http://wordpress.org/extend/plugins/secure-wordpress/
    7. 7. Tweak• File Permissions and location • command line: chmod 640 wp-config.php • Use cPanel File Manager • put wp-config.php one level above public_html (so it’s not publicly accessible)• Delete ‘admin’ user, use your own name• Change table prefix, something other than wp_ • Use phpMyAdmin in cPanel and this article: http://bit.ly/wp-prefix
    8. 8. Monitor• You can visually inspect your page every day, but why not automate it?!• ChangeDetection.com - FREE• http://site24x7.com/monitor-webpage- defacement.html
    9. 9. Analyze• Google Analyticator / Google Webmaster Tools • http://wordpress.org/extend/plugins/google-analyticator/• Firefox User Agent Tool • https://addons.mozilla.org/en-US/firefox/addon/59/ • Safari: Develop Menu, User Agent: use one from http://www.useragentstring.com/• Check log files for suspicious activity • cPanel - awstats
    10. 10. Sustainable Websites• Take responsibility for their presence on the internet, their affect on people, and on the earth• Don’t waste energy with spam• Don’t waste people’s time with spam links• Don’t install malware on people’s computers
    11. 11. SustainableWebsites.com • Secured cPanel servers • Easy backups • Automatic WordPress installation via Fantastico • Automatic notification of out-of-date scripts • Energy Efficient, Green Powered
    12. 12. Credits & etcPhotos used with permission by Creative Commons License:http://creativecommons.org/licenses/by/2.0/deed.enPlaymobil: http://www.flickr.com/photos/nedrichards/56919158/Wind turbines: iStockPhoto.comThanks WordPress community!Ross Chapman, Luke Fretwell, Mani Sheriar, Maiya Holliday, more customersThese slides may go out of date but the four steps have less likelihood of doing so. Evenso, following these steps may not guarantee your site against hacking and there is noimplied warrantee to the fitness of the information in this document for your uniquesetup. Stay up to date on security via more sources than just this slideshow.© Sustainable Websites LLCCreative Commons Licensehttp://SustainableWebsites.com/contact+1-888-755-843693 S Jackson St #58069Seattle WA 98103

    ×