27. the zombie army is attackers’
response to our better defenses
as wordpress becomes a better target
the incentives for breaking it rise
@brennenbyrne#wcchi
33. the old way of doing this meant:
!
1. typing your password
2. getting a text with a bunch of numbers
3. typing in the bunch of numbers
!
(google authenticator)
@brennenbyrne#wcchi
36. @brennenbyrne
s = safe
ss = safe safe
ssl = safe safe lock
it actually stands for “secure socket layer”
#wcchi
37. @brennenbyrne
s = safe
ss = safe safe
ssl = safe safe lock
it actually stands for “secure socket layer”
#wcchi
38. @brennenbyrne
s = safe
ss = safe safe
ssl = safe safe lock
*it actually stands for “secure socket layer”
#wcchi
39. @brennenbyrne
s = safe
ss = safe safe
ssl = safe safe lock
*it actually stands for “secure socket layer”
#wcchi
40. without ssl, everything is public
@brennenbyrne
only do stuff you wouldn’t
mind standing on a table
and yelling about in a
coffee shop
i.e. no passwords or credit cards
#wcchi
49. use two factor for admin
@brennenbyrne
otherwise
install bruteprotect and cloak
read wordpress security checklist
getclef.com/wordpress-security-checklist
#wcchi