SlideShare a Scribd company logo

WordPress Security Blitz

Download as ODP, PDF
Nevada Interpreters and Translators Association (NITA)
Nevada Interpreters and Translators Association (NITA)

The document discusses basic WordPress security strategies and plugins to consider. It recommends picking a reliable host, splitting domains and hosting, backing up sites regularly, keeping WordPress and plugins updated, restricting wp-admin access, using strong passwords, and installing security-focused plugins like Akismet, Bad Behavior, and WP Security Scan. Regular server log checks, non-standard database prefixes, avoiding the "admin" user, file permission management, and .htaccess restrictions are also advised. Testing backups, database cleanup, and security audits are suggested along with using a staging server and services like CloudFlare.

TechnologyDesign
1 of 33
Reno Tahoe WordCamp 2010 WordPress Security Blitz!
Why? Content, freshness, SEO, networking, design, stability, functionality, performance, scaling...
Why? Content, freshness, SEO, networking, design, stability, functionality, performance, scaling... ...and now security, too?
Why? ...can't we all just get along?
Why? To leverage your efforts building a thriving community!
Strategy A little bit of effort, some discipline, and LOTS of common sense
Basic Security ,[object Object]
Basic Security ,[object Object]
Split domain and hosting
Basic Security ,[object Object]
Split domain and hosting
Back up (and back up again!)
Basic Security ,[object Object]
Split domain and hosting
Back up (and back up again!)
Keep WP, plugins up-to-date
Basic Security ,[object Object]
Split domain and hosting
Back up (and back up again!)
Keep WP, plugins up-to-date
Move wp-config.php up/out
Basic Security ,[object Object]
Split domain and hosting
Back up (and back up again!)
Keep WP, plugins up-to-date
Move wp-config.php up/out
File permissions (755/644)
Basic Security ,[object Object]
Basic Security ,[object Object]
Regularly check server logs
Basic Security ,[object Object]
Regularly check server logs
Post-Logger (vi-logger.php)

Recommended

WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and Security
Think Media Inc.
 
Presentation to SAIT Students - Dec 2013
Presentation to SAIT Students - Dec 2013Presentation to SAIT Students - Dec 2013
Presentation to SAIT Students - Dec 2013
Think Media Inc.
 
Securing WordPress by Jeff Hoffman
Securing WordPress by Jeff HoffmanSecuring WordPress by Jeff Hoffman
Securing WordPress by Jeff Hoffman
Jeff Hoffman
 
Mysql Quick Start
Mysql Quick StartMysql Quick Start
Mysql Quick Start
Guo Albert
 
WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009
Brad Williams
 
WordPress Security
WordPress SecurityWordPress Security
WordPress Security
Brad Williams
 
PHPをさわらず作る!デザイナーさんのためのWordPress【超!初級】
PHPをさわらず作る!デザイナーさんのためのWordPress【超!初級】PHPをさわらず作る!デザイナーさんのためのWordPress【超!初級】
PHPをさわらず作る!デザイナーさんのためのWordPress【超!初級】
Mami Kuroki
 
20 tips to Improving Your WordPress Site...for Beginners
20 tips to Improving Your WordPress Site...for Beginners20 tips to Improving Your WordPress Site...for Beginners
20 tips to Improving Your WordPress Site...for Beginners
TRB Design, Inc.
 

Recommended

WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and Security
Think Media Inc.
 
Presentation to SAIT Students - Dec 2013
Presentation to SAIT Students - Dec 2013Presentation to SAIT Students - Dec 2013
Presentation to SAIT Students - Dec 2013
Think Media Inc.
 
Securing WordPress by Jeff Hoffman
Securing WordPress by Jeff HoffmanSecuring WordPress by Jeff Hoffman
Securing WordPress by Jeff Hoffman
Jeff Hoffman
 
Mysql Quick Start
Mysql Quick StartMysql Quick Start
Mysql Quick Start
Guo Albert
 
WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009
Brad Williams
 
WordPress Security
WordPress SecurityWordPress Security
WordPress Security
Brad Williams
 
PHPをさわらず作る!デザイナーさんのためのWordPress【超!初級】
PHPをさわらず作る!デザイナーさんのためのWordPress【超!初級】PHPをさわらず作る!デザイナーさんのためのWordPress【超!初級】
PHPをさわらず作る!デザイナーさんのためのWordPress【超!初級】
Mami Kuroki
 
20 tips to Improving Your WordPress Site...for Beginners
20 tips to Improving Your WordPress Site...for Beginners20 tips to Improving Your WordPress Site...for Beginners
20 tips to Improving Your WordPress Site...for Beginners
TRB Design, Inc.
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
Dre Armeda
 
High Performance WordPress
High Performance WordPressHigh Performance WordPress
High Performance WordPress
vnsavage
 
8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website
SiteGround.com
 
Word press security basics
Word press security basicsWord press security basics
Word press security basics
East Bay WordPress Meetup
 
VaultPress: A Plugin for your Backup needs
VaultPress: A Plugin for your Backup needsVaultPress: A Plugin for your Backup needs
VaultPress: A Plugin for your Backup needs
Jacklyn Stachurski
 
Battling the WSOD - A Tech Support Tale
Battling the WSOD - A Tech Support TaleBattling the WSOD - A Tech Support Tale
Battling the WSOD - A Tech Support Tale
Kayleigh Thorpe
 
WordCamp Finland 2015 - WordPress Security
WordCamp Finland 2015 - WordPress SecurityWordCamp Finland 2015 - WordPress Security
WordCamp Finland 2015 - WordPress Security
Tiia Rantanen
 
Speed up Your Joomla Site for Ultimate Performance
Speed up Your Joomla Site for Ultimate PerformanceSpeed up Your Joomla Site for Ultimate Performance
Speed up Your Joomla Site for Ultimate Performance
JoomlaDay Australia
 
Leveling Up at JavaScript
Leveling Up at JavaScriptLeveling Up at JavaScript
Leveling Up at JavaScript
Raymond Camden
 
Hidden Secrets For A Hack-Proof Joomla! Site
Hidden Secrets For A Hack-Proof Joomla! SiteHidden Secrets For A Hack-Proof Joomla! Site
Hidden Secrets For A Hack-Proof Joomla! Site
Daniel Kanchev
 
20 Tips to Improving WordPress Website - for Beginners-Aus-2017
20 Tips to Improving WordPress Website - for Beginners-Aus-201720 Tips to Improving WordPress Website - for Beginners-Aus-2017
20 Tips to Improving WordPress Website - for Beginners-Aus-2017
TRB Design, Inc.
 
WordPress security
WordPress securityWordPress security
WordPress security
akshat
 
Wordpress Security Tips
Wordpress Security TipsWordpress Security Tips
Wordpress Security Tips
Lalit Nama
 
WordPress Server Security
WordPress Server SecurityWordPress Server Security
WordPress Server Security
Peter Baylies
 
Securing your WordPress site in 5 easy pieces
Securing your WordPress site in 5 easy piecesSecuring your WordPress site in 5 easy pieces
Securing your WordPress site in 5 easy pieces
Kevin Koehler
 
Now That's What I Call WordPress Security 2010
Now That's What I Call WordPress Security 2010Now That's What I Call WordPress Security 2010
Now That's What I Call WordPress Security 2010
Brad Williams
 
Defeating Cross-Site Scripting with Content Security Policy
Defeating Cross-Site Scripting with Content Security PolicyDefeating Cross-Site Scripting with Content Security Policy
Defeating Cross-Site Scripting with Content Security Policy
Francois Marier
 
Managing WordPress
Managing WordPressManaging WordPress
Managing WordPress
Steven Watts
 
WordPress Speed Optimisation
WordPress Speed OptimisationWordPress Speed Optimisation
WordPress Speed Optimisation
Peter Bui
 
WordPress Security WordCamp OC 2013
WordPress Security WordCamp OC 2013WordPress Security WordCamp OC 2013
WordPress Security WordCamp OC 2013
Brad Williams
 
TMCC 2008 Translator Conference
TMCC 2008 Translator ConferenceTMCC 2008 Translator Conference
TMCC 2008 Translator Conference
Nevada Interpreters and Translators Association (NITA)
 
Tools for translators: some theory & background
Tools for translators: some theory & backgroundTools for translators: some theory & background
Tools for translators: some theory & background
Nevada Interpreters and Translators Association (NITA)
 

More Related Content

What's hot

High Performance WordPress
High Performance WordPressHigh Performance WordPress
High Performance WordPress
vnsavage
 
WordPress Speed Optimisation
WordPress Speed OptimisationWordPress Speed Optimisation
WordPress Speed Optimisation
Peter Bui
 

What's hot (20)

WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
 
High Performance WordPress
High Performance WordPressHigh Performance WordPress
High Performance WordPress
 
8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website
 
Word press security basics
Word press security basicsWord press security basics
Word press security basics
 
VaultPress: A Plugin for your Backup needs
VaultPress: A Plugin for your Backup needsVaultPress: A Plugin for your Backup needs
VaultPress: A Plugin for your Backup needs
 
Battling the WSOD - A Tech Support Tale
Battling the WSOD - A Tech Support TaleBattling the WSOD - A Tech Support Tale
Battling the WSOD - A Tech Support Tale
 
WordCamp Finland 2015 - WordPress Security
WordCamp Finland 2015 - WordPress SecurityWordCamp Finland 2015 - WordPress Security
WordCamp Finland 2015 - WordPress Security
 
Speed up Your Joomla Site for Ultimate Performance
Speed up Your Joomla Site for Ultimate PerformanceSpeed up Your Joomla Site for Ultimate Performance
Speed up Your Joomla Site for Ultimate Performance
 
Leveling Up at JavaScript
Leveling Up at JavaScriptLeveling Up at JavaScript
Leveling Up at JavaScript
 
Hidden Secrets For A Hack-Proof Joomla! Site
Hidden Secrets For A Hack-Proof Joomla! SiteHidden Secrets For A Hack-Proof Joomla! Site
Hidden Secrets For A Hack-Proof Joomla! Site
 
20 Tips to Improving WordPress Website - for Beginners-Aus-2017
20 Tips to Improving WordPress Website - for Beginners-Aus-201720 Tips to Improving WordPress Website - for Beginners-Aus-2017
20 Tips to Improving WordPress Website - for Beginners-Aus-2017
 
WordPress security
WordPress securityWordPress security
WordPress security
 
Wordpress Security Tips
Wordpress Security TipsWordpress Security Tips
Wordpress Security Tips
 
WordPress Server Security
WordPress Server SecurityWordPress Server Security
WordPress Server Security
 
Securing your WordPress site in 5 easy pieces
Securing your WordPress site in 5 easy piecesSecuring your WordPress site in 5 easy pieces
Securing your WordPress site in 5 easy pieces
 
Now That's What I Call WordPress Security 2010
Now That's What I Call WordPress Security 2010Now That's What I Call WordPress Security 2010
Now That's What I Call WordPress Security 2010
 
Defeating Cross-Site Scripting with Content Security Policy
Defeating Cross-Site Scripting with Content Security PolicyDefeating Cross-Site Scripting with Content Security Policy
Defeating Cross-Site Scripting with Content Security Policy
 
Managing WordPress
Managing WordPressManaging WordPress
Managing WordPress
 
WordPress Speed Optimisation
WordPress Speed OptimisationWordPress Speed Optimisation
WordPress Speed Optimisation
 
WordPress Security WordCamp OC 2013
WordPress Security WordCamp OC 2013WordPress Security WordCamp OC 2013
WordPress Security WordCamp OC 2013
 

Viewers also liked

Viewers also liked (7)

TMCC 2008 Translator Conference
TMCC 2008 Translator ConferenceTMCC 2008 Translator Conference
TMCC 2008 Translator Conference
 
Tools for translators: some theory & background
Tools for translators: some theory & backgroundTools for translators: some theory & background
Tools for translators: some theory & background
 
The impact of innovation on travel and tourism industries (World Travel Marke...
The impact of innovation on travel and tourism industries (World Travel Marke...The impact of innovation on travel and tourism industries (World Travel Marke...
The impact of innovation on travel and tourism industries (World Travel Marke...
 
Open Source Creativity
Open Source CreativityOpen Source Creativity
Open Source Creativity
 
Reuters: Pictures of the Year 2016 (Part 2)
Reuters: Pictures of the Year 2016 (Part 2)Reuters: Pictures of the Year 2016 (Part 2)
Reuters: Pictures of the Year 2016 (Part 2)
 
The Six Highest Performing B2B Blog Post Formats
The Six Highest Performing B2B Blog Post FormatsThe Six Highest Performing B2B Blog Post Formats
The Six Highest Performing B2B Blog Post Formats
 
The Outcome Economy
The Outcome EconomyThe Outcome Economy
The Outcome Economy
 

Similar to WordPress Security Blitz

Consistent Development Environment with Vagrant and Chef
Consistent Development Environment with Vagrant and ChefConsistent Development Environment with Vagrant and Chef
Consistent Development Environment with Vagrant and Chef
Gerald Villorente
 

Similar to WordPress Security Blitz (20)

Consistent Development Environment with Vagrant and Chef
Consistent Development Environment with Vagrant and ChefConsistent Development Environment with Vagrant and Chef
Consistent Development Environment with Vagrant and Chef
 
Joomla Day Austin Part 4
Joomla Day Austin Part 4Joomla Day Austin Part 4
Joomla Day Austin Part 4
 
Joomla Extreme Performance
Joomla Extreme PerformanceJoomla Extreme Performance
Joomla Extreme Performance
 
Learn you some Ansible for great good!
Learn you some Ansible for great good!Learn you some Ansible for great good!
Learn you some Ansible for great good!
 
WordPress Optimization & Security - LAC 2013, London
WordPress Optimization & Security - LAC 2013, LondonWordPress Optimization & Security - LAC 2013, London
WordPress Optimization & Security - LAC 2013, London
 
40 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 2013
40 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 201340 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 2013
40 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 2013
 
Word press, the automated way
Word press, the automated wayWord press, the automated way
Word press, the automated way
 
Up and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web DesignUp and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web Design
 
WordPress Fav Plugins & Security
WordPress Fav Plugins & SecurityWordPress Fav Plugins & Security
WordPress Fav Plugins & Security
 
Continuous Deployment: The Dirty Details
Continuous Deployment: The Dirty DetailsContinuous Deployment: The Dirty Details
Continuous Deployment: The Dirty Details
 
WordPress 3.0 at DC PHP
WordPress 3.0 at DC PHPWordPress 3.0 at DC PHP
WordPress 3.0 at DC PHP
 
NDC 2011 - Let me introduce my Moncai
NDC 2011 - Let me introduce my MoncaiNDC 2011 - Let me introduce my Moncai
NDC 2011 - Let me introduce my Moncai
 
Jared Whitlock Open Source In The Enterprise Plone @ Novell
Jared Whitlock Open Source In The Enterprise Plone @ NovellJared Whitlock Open Source In The Enterprise Plone @ Novell
Jared Whitlock Open Source In The Enterprise Plone @ Novell
 
The Ember.js Framework - Everything You Need To Know
The Ember.js Framework - Everything You Need To KnowThe Ember.js Framework - Everything You Need To Know
The Ember.js Framework - Everything You Need To Know
 
Advanced WordPress: Session II
Advanced WordPress: Session IIAdvanced WordPress: Session II
Advanced WordPress: Session II
 
WordPress Plugins You Cannot Live Without
WordPress Plugins You Cannot Live WithoutWordPress Plugins You Cannot Live Without
WordPress Plugins You Cannot Live Without
 
Optimizing wp
Optimizing wpOptimizing wp
Optimizing wp
 
Building appliances
Building appliancesBuilding appliances
Building appliances
 
Making Sense out of Amazon ECS
Making Sense out of Amazon ECSMaking Sense out of Amazon ECS
Making Sense out of Amazon ECS
 
Improving The Performance of Your Web App
Improving The Performance of Your Web AppImproving The Performance of Your Web App
Improving The Performance of Your Web App
 

Recently uploaded

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 

Recently uploaded (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

WordPress Security Blitz