STAYING CONNECTED: Securing Your WordPress Website
About Me
● Designer / Developer / Consultant at SixFour Web Design
● SixFour Web Design specializes in helping Small Businesses and Non-Profits maximize their Web Presence
● We Believe “Even Small Businesses Deserve a Nice Website”
Some WordPress Background
and what it means for Security
● Increasingly, WordPress powers the internet
  – Over 20% of all websites are WordPress based and over 60% of websites that use a CMS use WordPress*
● “There are no viruses for Macs”
  – That's because only pretentious, hipster designers use them (just kidding (not really))
● It's ALMOST too easy to use
  – One-Click-Installs, themes and plugins have democratized the internet. Ease of Use ≠ Set and Forget
*W3techs monthly technology survey – http://w3techs.com/technologies/overview/content_management/all/
Why Do They Want To Hack My Little Site?
● Most times, it's not for the content or data on your site, but what your site can do
  – Drive-by Downloads / Malicious Downloads
  – Email Spam
  – SEO Spam
  – Access your server for malicious tasks (botnets)
  – Hacktivism - your politics are not mine
So, How Can I Protect My Site
● Practice good hygiene
● Take advantage of tools and best practices
● Don't put your head in the sand. Take Action! Do Something!
The Three Steps To Securing A WordPress Site
● Manage Site Owner Behaviors
  – Don't be your worst enemy. Do things that make your site more secure
● Control User Behaviors
  – Don't let others intentionally or unintentionally compromise your site
● Frustrate The Bad Guys
  – Frustrate, because as long as you're connected to the internet, you can't guarantee you won't get hacked.
Managing Site Owner Behavior
● Skip the One-Click-Install
  – It's not hard to do it from scratch - https://codex.wordpress.org/Installing_WordPress
● Keep WordPress Core and Plugins Updated
● Use a “Safe” Theme and Plugins, from the WordPress repository or from known vendors
Managing Site Owner Behavior
● Don't use admin or other easily guessed user names
● Make sure your own password is strong
Archer – Mole Hunt
https://youtu.be/UduILWi2p6s
● Don't underpay for hosting
● Back up your website regularly (database and content) and keep copies off-site
● Keep your computer's antivirus up to date
Controlling User Behavior
● Require the use of strong passwords
  – Require complex passwords, especially if you allow people to sign up as subscribers, contributors, or members
  – Given the chance, people would use "1" as their password
● Remove unnecessary users
  – Do they still work here?
● Manage user roles appropriately
  – Do they really need Admin access?
Frustrate The Bad Guys
● Limit brute force attacks
● Use two-factor authentication
● Scan your site regularly for Malware
● Use the salts
● Use .htaccess to protect your site
● Or, use a security plugin
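
"Use the salts" refers to the eight secret keys and salts defined in wp-config.php. The following Python script is an added example, not part of the original slides: it audits the text of a config file for keys that are missing, still set to the sample placeholder, too short, or reused. The length and variety thresholds, the helper names and the sample config are assumptions constructed for illustration.

```python
import base64
import hashlib
import re

# The eight secret constants WordPress reads from wp-config.php.
REQUIRED = ("AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
            "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT")
# Value shipped in wp-config-sample.php; it must be replaced on a live site.
PLACEHOLDER = "put your unique phrase here"
MIN_LENGTH = 64    # assumption: length of values from the WordPress.org generator
MIN_DISTINCT = 16  # assumption: crude floor for "looks random"

# Matches define('NAME', 'value'); at the start of a line, so lines commented
# out with // or # are ignored. Defines inside /* */ blocks are not detected
# as commented out (limitation of this example).
DEFINE_RE = re.compile(
    r'''^\s*define\(\s*(['"])(?P<name>[A-Z_]+)\1\s*,\s*'''
    r'''(?P<q>['"])(?P<value>.*?)(?P=q)\s*\)\s*;''',
    re.M,
)


def audit_salts(config_text):
    """Return {constant_name: [problems]} for every key or salt with an issue."""
    found = {}
    for m in DEFINE_RE.finditer(config_text):
        if m.group("name") in REQUIRED:
            # PHP keeps the first definition of a constant, so do the same.
            found.setdefault(m.group("name"), m.group("value"))

    findings = {}
    all_values = list(found.values())
    for name in REQUIRED:
        value = found.get(name)
        if value is None:
            problems = ["missing"]
        elif value.strip().lower() == PLACEHOLDER:
            problems = ["placeholder"]
        else:
            problems = []
            if len(value) < MIN_LENGTH:
                problems.append("short")
            if len(set(value)) < MIN_DISTINCT:
                problems.append("low-variety")
            if all_values.count(value) > 1:
                problems.append("reused")
        if problems:
            findings[name] = problems
    return findings


def _fake_secret(label):
    """Constructed 64-character stand-in for a generated secret (not a real key)."""
    digest = hashlib.sha512(label.encode()).digest()
    return base64.b64encode(digest).decode()[:64]


# Constructed sample config: one placeholder, one weak value, one reused
# value and one commented-out salt.
_A, _B, _C, _D, _E = (_fake_secret(s) for s in "abcde")
SAMPLE_CONFIG = f"""<?php
define( 'AUTH_KEY',         '{_A}' );
define( 'SECURE_AUTH_KEY',  'put your unique phrase here' );
define( 'LOGGED_IN_KEY',    '{_B}' );
define( 'NONCE_KEY',        'changeme' );
define( 'AUTH_SALT',        '{_A}' );
define( 'SECURE_AUTH_SALT', '{_C}' );
// define( 'LOGGED_IN_SALT', '{_D}' );
define( 'NONCE_SALT',       '{_E}' );
"""

if __name__ == "__main__":
    for name, problems in audit_salts(SAMPLE_CONFIG).items():
        print(f"{name}: {', '.join(problems)}")
```

Replacing the keys and salts invalidates existing login cookies, so every logged-in user has to sign in again after a fix.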
Security Plugins
Additional Resources
● Hardening WordPress
  – http://codex.wordpress.org/Hardening_WordPress
● Reducing Comment Spam
  – https://github.com/splorp/wordpress-comment-blacklist
Questions & Contact Info
@sixfourweb on Twitter
Connect with me on LinkedIn
(bit.ly/raymitchell)
– Let me know we met at #WCAVL
Visit sixfourweb.com and unsuckywebsite.com

Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 

Staying Connected: Securing Your WordPress Website

  • 2. About Me
      ● Designer / Developer / Consultant at SixFour Web Design
      ● SixFour Web Design specializes in helping Small Businesses and Non-Profits maximize their Web Presence
      ● We Believe “Even Small Businesses Deserve a Nice Website”
  • 3. Some WordPress Background and what it means for Security
      ● Increasingly, WordPress powers the internet
          ● Over 20% of all websites are WordPress based and over 60% of websites that use a CMS use WordPress
  • 11. Some WordPress Background and what it means for Security
      ● Increasingly, WordPress powers the internet
          ● Over 20% of all websites are WordPress based and over 60% of websites that use a CMS use WordPress*
      ● “There are no viruses for Macs”
          ● That's because only pretentious, hipster designers use them (just kidding (not really))
      ● It's ALMOST too easy to use
          ● One-Click-Installs, themes and plugins have democratized the internet. Ease of Use ≠ Set and Forget
      *W3techs monthly technology survey – http://w3techs.com/technologies/overview/content_management/all/
  • 12. Why Do They Want To Hack My Little Site?
      ● Most times, it's not for the content or data on your site, but what your site can do
          – Drive by Downloads/Malicious Downloads
          – Email Spam
          – SEO Spam
          – Access your server for malicious tasks (botnets)
          – Hacktivism - your politics are not mine
  • 14. So, How Can I Protect My Site
      ● Practice good hygiene
      ● Take advantage of tools and best practices
      ● Don't put your head in the sand. Take Action! Do Something!
  • 15. The Three Steps To Securing A WordPress Site
      ● Manage Site Owner Behaviors
          ● Don't be your worst enemy. Do things that make your site more secure
      ● Control User Behaviors
          ● Don't let others intentionally or unintentionally compromise your site
      ● Frustrate The Bad Guys
          ● Frustrate, because as long as you're connected to the internet, you can't guarantee you won't get hacked.
  • 16. Managing Site Owner Behavior
      ● Skip the One-Click-Install
          ● It's not hard to do it from scratch - https://codex.wordpress.org/Installing_WordPress
      ● Keep WordPress Core and Plugins Updated
      ● Use a “Safe” Theme and Plugins, from the WordPress repository or from known vendors
  • 17. Managing Site Owner Behavior
      ● Don't use admin or other easily guessed user names
      ● Make sure your own password is strong
  • 18. Archer – Mole Hunt https://youtu.be/UduILWi2p6s
  • 19. Managing Site Owner Behavior
      ● Don't use admin or other easily guessed user names
      ● Make sure your own password is strong
      ● Don't underpay for hosting
      ● Back up your website regularly - database and content - and keep copies off-site
      ● Keep your computer's antivirus up to date
  • 20. Controlling User Behavior
      ● Require the use of strong passwords
          ● Require complex passwords, especially if you allow people to sign up as subscribers, contributors, or members
          ● Given the chance, people would use "1" as their password
      ● Remove unnecessary users
          ● Do they still work here?
      ● Manage user roles appropriately
          ● Do they really need Admin access?
  • 21. Frustrate The Bad Guys
      ● Limit brute force attacks
      ● Use two factor authentication
      ● Scan your site regularly for Malware
      ● Use the salts
      ● Use .htaccess to protect your site
      ● or, Use a security plugin
  • 23. Additional Resources
      ● Hardening WordPress
          ● http://codex.wordpress.org/Hardening_WordPress
      ● Reducing Comment Spam
          ● https://github.com/splorp/wordpress-comment-blacklist
  • 24. Questions & Contact Info
      @sixfourweb on Twitter
      Connect with me on LinkedIn (bit.ly/raymitchell) – Let me know we met at #WCAVL
      Visit sixfourweb.com and unsuckywebsite.com
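
The “Use the salts” item on slide 21 refers to the eight secret keys and salts defined in wp-config.php. The check below is an added example, not part of the original slides: it flags secrets that are missing, still set to the placeholder from wp-config-sample.php, short, or reused. The 32-character threshold and the sample config are assumptions constructed for illustration.

```python
import re

# The eight secret constants WordPress reads from wp-config.php.
SALT_NAMES = [
    "AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
    "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT",
]
PLACEHOLDER = "put your unique phrase here"  # value shipped in wp-config-sample.php
MIN_LENGTH = 32  # assumed audit threshold, not a WordPress rule

# Matches active define('NAME', 'value'); lines; commented-out lines do not match.
DEFINE_RE = re.compile(
    r"""^\s*define\(\s*(['"])(?P<name>[A-Z_]+)\1\s*,\s*(['"])(?P<value>.*?)\3\s*\)\s*;""",
    re.MULTILINE,
)

# Constructed sample input (not taken from any real site).
SAMPLE_CONFIG = """<?php
define('DB_NAME', 'wordpress');
define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'k3#Vq)8z!Lm2@pX9^dR5&tY7*uW1$eH4(bN6+cJ0');
define('LOGGED_IN_KEY',    'k3#Vq)8z!Lm2@pX9^dR5&tY7*uW1$eH4(bN6+cJ0');
define('NONCE_KEY',        'short');
// define('AUTH_SALT',     'Zx8!cV2@bN4#mQ6$wE0%rT1^yU3&iO5*pA7(sD9)');
define("SECURE_AUTH_SALT", "Gh5)jK7(lZ9*xC1&vB3^nM2%qW4$eR6#tY8@uI0!");
define('LOGGED_IN_SALT',   'Pq2@wE4#rT6$yU8%iO0^pA1&sD3*fG5(hJ7)kL9!');
"""

def audit_salts(config_text):
    """Return {constant_name: problem} for every weak or missing secret."""
    found = {m["name"]: m["value"] for m in DEFINE_RE.finditer(config_text)
             if m["name"] in SALT_NAMES}
    problems = {}
    for name in SALT_NAMES:
        value = found.get(name)
        if value is None:
            problems[name] = "missing"
        elif value == PLACEHOLDER:
            problems[name] = "placeholder"
        elif len(value) < MIN_LENGTH:
            problems[name] = "too short"
        elif sum(1 for v in found.values() if v == value) > 1:
            problems[name] = "reused"
    return problems

if __name__ == "__main__":
    for name, problem in audit_salts(SAMPLE_CONFIG).items():
        print(f"{name}: {problem}")
```

Replacing the values with fresh random strings signs out every logged-in user, because existing login cookies no longer validate.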