Advertisement
WordPress Security Best Practices
WordPress Security Best Practices
WordPress Security Best Practices
WordPress Security Best Practices
WordPress Security Best Practices
WordPress Security Best Practices
WordPress Security Best Practices
WordPress Security Best Practices
WordPress Security Best Practices
WordPress Security Best Practices
WordPress Security Best Practices
WordPress Security Best Practices
WordPress Security Best Practices

Check these out next

Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007
Vaibhav Gupta
CROSS-SITE REQUEST FORGERY - IN-DEPTH ANALYSIS 2011
CROSS-SITE REQUEST FORGERY - IN-DEPTH ANALYSIS 2011
Samvel Gevorgyan
Web application attacks
Web application attacks
hruth
Secure Code Warrior - Unrestricted file upload
Secure Code Warrior - Unrestricted file upload
Secure Code Warrior
Secure Code Warrior - Authentication
Secure Code Warrior - Authentication
Secure Code Warrior
MS Innovation Day: A Lap Around Web Application Vulnerabilities by MVP Walter...
MS Innovation Day: A Lap Around Web Application Vulnerabilities by MVP Walter...
Quek Lilian
3. backup file artifacts - mazin ahmed
3. backup file artifacts - mazin ahmed
Rashid Khatmey
Starwest 2008
Starwest 2008
Caleb Sima
1 of 13

WordPress Security Best Practices

Mar. 26, 2019
Download to read offline
Technology

A short presentation on some best practices you should be using to improve your WordPress site's security.

Jason Yingling
Developer at Red8 Interactive
Advertisement
Advertisement
Advertisement

Recommended

Web tools pptWeb tools ppt
Web tools pptTamara Pia Agavi539 views7 slides
Web application Security toolsWeb application Security tools
Web application Security toolsNico Penaredondo1.9K views21 slides
Wordpress malware - What is it and how to protect your website.Wordpress malware - What is it and how to protect your website.
Wordpress malware - What is it and how to protect your website.Owen Cutajar586 views18 slides
A10 - Unvalidated Redirects and ForwardsA10 - Unvalidated Redirects and Forwards
A10 - Unvalidated Redirects and ForwardsShane Stanley5K views15 slides
Php security common 2011Php security common 2011
Php security common 201110n Software, LLC1.4K views39 slides
Become a Security NinjaBecome a Security Ninja
Become a Security NinjaPaul Gilzow740 views84 slides

More Related Content

Slideshows for you(20)

Application Security Vulnerabilities: OWASP Top 10 -2007Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007
Vaibhav Gupta1.4K views
CROSS-SITE REQUEST FORGERY - IN-DEPTH ANALYSIS 2011CROSS-SITE REQUEST FORGERY - IN-DEPTH ANALYSIS 2011
CROSS-SITE REQUEST FORGERY - IN-DEPTH ANALYSIS 2011
Samvel Gevorgyan3K views
Web application attacksWeb application attacks
Web application attacks
hruth56.2K views
Secure Code Warrior - Unrestricted file uploadSecure Code Warrior - Unrestricted file upload
Secure Code Warrior - Unrestricted file upload
Secure Code Warrior127 views
Secure Code Warrior - AuthenticationSecure Code Warrior - Authentication
Secure Code Warrior - Authentication
Secure Code Warrior347 views
MS Innovation Day: A Lap Around Web Application Vulnerabilities by MVP Walter...MS Innovation Day: A Lap Around Web Application Vulnerabilities by MVP Walter...
MS Innovation Day: A Lap Around Web Application Vulnerabilities by MVP Walter...
Quek Lilian511 views
3. backup file artifacts - mazin ahmed3. backup file artifacts - mazin ahmed
3. backup file artifacts - mazin ahmed
Rashid Khatmey239 views
Starwest 2008Starwest 2008
Starwest 2008
Caleb Sima797 views
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Brian Huff23K views
Joomla Security v3.0Joomla Security v3.0
Joomla Security v3.0
Ajay Lulia3.3K views
Owasp Top 10-2013Owasp Top 10-2013
Owasp Top 10-2013
n|u - The Open Security Community2.9K views
Security 101Security 101
Security 101
George V. Reilly2.1K views
Cyber pptCyber ppt
Cyber ppt
karthik menon1.8K views
T04505103106T04505103106
T04505103106
IJERA Editor236 views
Web Application SecurityWeb Application Security
Web Application Security
Jason Leveille555 views
Content Management System SecurityContent Management System Security
Content Management System Security
Samvel Gevorgyan1K views
A8 cross site request forgery (csrf) it 6873 presentationA8 cross site request forgery (csrf) it 6873 presentation
A8 cross site request forgery (csrf) it 6873 presentation
Albena Asenova-Belal2.2K views
Phpnw security-20111009Phpnw security-20111009
Phpnw security-20111009
Paul Lemon895 views
Web application security: Threats & CountermeasuresWeb application security: Threats & Countermeasures
Web application security: Threats & Countermeasures
Aung Thu Rha Hein7.3K views
Cross Site Request Forgery VulnerabilitiesCross Site Request Forgery Vulnerabilities
Cross Site Request Forgery Vulnerabilities
Marco Morana1.6K views

Similar to WordPress Security Best Practices(20)

Recent cyber AttacksRecent cyber Attacks
Recent cyber Attacks
S.M. Towhidul Islam51 views
Secure webbrowsing 1Secure webbrowsing 1
Secure webbrowsing 1
UT, San Antonio553 views
CROSS SITE SCRIPTING.pptCROSS SITE SCRIPTING.ppt
CROSS SITE SCRIPTING.ppt
yashvirsingh484 views
Web application sec_3Web application sec_3
Web application sec_3
vhimsikal548 views
Types of Cyber AttacksTypes of Cyber Attacks
Types of Cyber Attacks
Rubal Sagwal467 views
Types of cyber attacksTypes of cyber attacks
Types of cyber attacks
krishh sivakrishna26.8K views
Intro to Web Application SecurityIntro to Web Application Security
Intro to Web Application Security
Rob Ragan6.6K views
Top 10 web server security flawsTop 10 web server security flaws
Top 10 web server security flaws
tobybear30878 views
XSS-Alert-Pentration testing toolXSS-Alert-Pentration testing tool
XSS-Alert-Pentration testing tool
Arjun Jain7.7K views
Cyber securityCyber security
Cyber security
Sakib Sami397 views
.NET Security Topics.NET Security Topics
.NET Security Topics
Shawn Gorrell879 views
Web SecurityWeb Security
Web Security
Rita Mehra176 views
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat Modelling
Priyanka Aash4.1K views
Hackers versus Developers and Secure Web ProgrammingHackers versus Developers and Secure Web Programming
Hackers versus Developers and Secure Web Programming
Akash Mahajan2K views
The most Common Website Security ThreatsThe most Common Website Security Threats
The most Common Website Security Threats
HTS Hosting13 views
Why You Need A Web Application FirewallWhy You Need A Web Application Firewall
Why You Need A Web Application Firewall
Port80 Software2.3K views
Cross Site ScriptingCross Site Scripting
Cross Site Scripting
Ali Mattash2.1K views
Understanding Application Threat Modelling & Architecture Understanding Application Threat Modelling & Architecture
Understanding Application Threat Modelling & Architecture
Priyanka Aash2.5K views
CodeinjectionCodeinjection
Codeinjection
Nitish Kumar998 views
Web application security for java (XSS,Session Fixation)Web application security for java (XSS,Session Fixation)
Web application security for java (XSS,Session Fixation)
Ritesh Raushan1.6K views
Advertisement

More from Jason Yingling(14)

Installing WP-CLI locallyInstalling WP-CLI locally
Installing WP-CLI locally
Jason Yingling101 views
Getting Started with Gutenberg DevelopmentGetting Started with Gutenberg Development
Getting Started with Gutenberg Development
Jason Yingling392 views
Plugin developmentPlugin development
Plugin development
Jason Yingling103 views
Introducing CSS GridIntroducing CSS Grid
Introducing CSS Grid
Jason Yingling2.2K views
Customizing the WordPress CustomizerCustomizing the WordPress Customizer
Customizing the WordPress Customizer
Jason Yingling201 views
Battling Google PageSpeed InsightsBattling Google PageSpeed Insights
Battling Google PageSpeed Insights
Jason Yingling542 views
Putting the Develop in Development Putting the Develop in Development
Putting the Develop in Development
Jason Yingling327 views
Getting to Know Underscores Getting to Know Underscores
Getting to Know Underscores
Jason Yingling1.6K views
Speeding Up WordPress sitesSpeeding Up WordPress sites
Speeding Up WordPress sites
Jason Yingling5.2K views
Creating Dynamic Sidebars & Widgets in WordPressCreating Dynamic Sidebars & Widgets in WordPress
Creating Dynamic Sidebars & Widgets in WordPress
Jason Yingling4.4K views
WordPress Template hierarchyWordPress Template hierarchy
WordPress Template hierarchy
Jason Yingling666 views
Design todevelopDesign todevelop
Design todevelop
Jason Yingling365 views
Ithemes presentationIthemes presentation
Ithemes presentation
Jason Yingling13.5K views
Building Flexible Sites with Advanced Custom FieldsBuilding Flexible Sites with Advanced Custom Fields
Building Flexible Sites with Advanced Custom Fields
Jason Yingling434 views

Recently uploaded(20)

Digital Wallet Develpoment.pdfDigital Wallet Develpoment.pdf
Digital Wallet Develpoment.pdf
Block Coders0 views
TenT-Day04.pptxTenT-Day04.pptx
TenT-Day04.pptx
JohanMyburgh150 views
Video Coding Enhancements for HTTP Adaptive Streaming Using Machine LearningVideo Coding Enhancements for HTTP Adaptive Streaming Using Machine Learning
Video Coding Enhancements for HTTP Adaptive Streaming Using Machine Learning
Alpen-Adria-Universität0 views
From Project to Product: Leaders, Here's What It Means to YouFrom Project to Product: Leaders, Here's What It Means to You
From Project to Product: Leaders, Here's What It Means to You
Cprime0 views
Ch 2.pdfCh 2.pdf
Ch 2.pdf
MuhammadAsif10690 views
Webinar: Bancada de eletrônica profissionalWebinar: Bancada de eletrônica profissional
Webinar: Bancada de eletrônica profissional
Embarcados0 views
DR Guide Process.pdfDR Guide Process.pdf
DR Guide Process.pdf
blackmambaettijean0 views
TenT-Day08.pptxTenT-Day08.pptx
TenT-Day08.pptx
JohanMyburgh150 views
GAME TFT.pdfGAME TFT.pdf
GAME TFT.pdf
AnhTuan7928960 views
GCP LBGCP LB
GCP LB
Rachmat Hidayat0 views
Low code platforms in insurance industry - omnepresent technologies.pdfLow code platforms in insurance industry - omnepresent technologies.pdf
Low code platforms in insurance industry - omnepresent technologies.pdf
OmnePresentTechnolog10 views
Presentation.pptxPresentation.pptx
Presentation.pptx
AyeshaIndunil0 views
TenT-Day09.pptxTenT-Day09.pptx
TenT-Day09.pptx
JohanMyburgh150 views
Invaluable insight of Mix panel !Invaluable insight of Mix panel !
Invaluable insight of Mix panel !
AlexHill8766650 views
Causal Repair of Learning-Enabled Cyber-physical SystemsCausal Repair of Learning-Enabled Cyber-physical Systems
Causal Repair of Learning-Enabled Cyber-physical Systems
Ivan Ruchkin0 views
TenT-Day05.pptxTenT-Day05.pptx
TenT-Day05.pptx
JohanMyburgh150 views
ArTIFICIAL INTELLIGENCE(AI).pptxArTIFICIAL INTELLIGENCE(AI).pptx
ArTIFICIAL INTELLIGENCE(AI).pptx
RedValentine0 views
New Productivity features for Document UnderstandingNew Productivity features for Document Understanding
New Productivity features for Document Understanding
DianaGray100 views
Mega MUG - Marketo and Integration - June 2023Mega MUG - Marketo and Integration - June 2023
Mega MUG - Marketo and Integration - June 2023
Stephanie Tyagita0 views
Real-Time Text and WebRTC @ Kamailio World 2023Real-Time Text and WebRTC @ Kamailio World 2023
Real-Time Text and WebRTC @ Kamailio World 2023
Lorenzo Miniero0 views
Advertisement

WordPress Security Best Practices

  1. BEST PRACTICES FOR WORDPRESS SECURITYJason Yingling (@jason_yingling)
  2. COMMON ATTACKS Cross Site Scripting (XSS) Attackers can inject malicious scripts into a page that can be used to steal data from users. Common Cause(s) Bad / outdated plugins Non-sanitized code
 Not validating input data
  3. COMMON ATTACKS Brute-force Attacks Attackers run scripts to try to crack logins by trying known user and password combos. Common Cause(s) Weak passwords Unlimited login attempts Tip
 https://haveibeenpwned.com/
  4. COMMON ATTACKS SQL Injections Attackers inject SQL into the site’s database, typically through plugin vulnerabilities, allowing them access to the database to do as they please. Common Cause(s) Bad / outdated plugins Non-sanitized code
 Not validating input data
  5. COMMON ATTACKS DDOS Multiple systems are used to target a single site causing it to overload and go down Common Cause(s) Lack of firewalls
  6. PROTECT YOUR LOGIN Don’t use admin username Use strong passwords Hide the login page Two Factor Authentication Limit Login Attempts Plugins iThemes Security WordFence Limit Login Attempts reloaded Pro Tip Use site specific emails: example+domain@gmail.com
  7. KEEP THINGS UP TO DATE Keep WordPress core updated Keep plugins and themes updated Use the latest version of PHP Pro-tip Used managed WordPress hosting
  8. PICK GOOD PLUGINS Trusted sources Recent updates Active installs Check the support forums More Picking Good WordPress Plugins
  9. TAKE FREQUENT BACKUPS Database and file system backups Test backups from time to time Store the backups off server
  10. USE A FIREWALL Protect against known attacks Helps with DDoS mitigation Services Cloudflare Sucuri
  11. USEFUL PLUGINS iThemes Security WordFence Limit Login Attempts Reloaded
  12. SECURITY RESOURCES Kinsta WordPress Security Guide Wordfence - How to Prevent Cross Site Scripting Attacks wpbeginner - The Ultimate WordPress Security Guide WordPress Security: An Introduction to Hardening WordPress
  13. SECURITY QUESTIONS QUESTIONS Twitter: @jason_yingling Email: jason@jasonyingling.me
Advertisement