Successfully reported this slideshow.

More Related Content

Viewers also liked

RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
IMMUNIO
10 Tips to Make WordPress Your Friend
Kerch McConlogue
Sucuri Webinar: How Caching Options Can Impact Your Website Speed
Sucuri
WP Security - Master Class #SMWLagos2014
sabinovates
10-ish Tips to Make WordPress Your Friend
Kerch McConlogue
WordPress Security 2014 - The Basics of Security
Tony Perez
Kludges and PHP. Why Should You Use a WAF?
Sucuri
Your Site vs. The World
Jason Cosper
Twitter Talk
Andre Nosalsky
javascript-gone-wild-withreferences-attributions-111003035611-php
Apoorvi Kapoor
Passwords: the weakest link in WordPress security
jessepollak
Passwords the weakest link in word press security
jessepollak
WordPress Security - Learning From Hacks
Tony Perez
Foundations of Security
Joe Robb
7 duplicate content myths that simply aren't true
WebMeUp
Autopilot
terryterrence

Similar to Security Isn't Scary and It's Not Rocket Science either.

Keep Your SIte Secure
Michele Butcher-Jones
Word press security 101 2018
Laura Hartwig
Security 101
Michele Butcher-Jones
WordPress Setup and Security - WordCamp, Charleston 2014
Michael Carnell
The Care and Feeding of Your WordPress Website - Hosting, Updates, Backups, S...
Cindy Cullen
Your WordPress Website Is/Not Hacked
Angela Bowman
WordPress End-User Security - Orange County WordCamp 2011
Dre Armeda
Security Presentation for Boulder WordPress Meetup
Angela Bowman
Presentation to SAIT Students - Dec 2013
Think Media Inc.
Secure All The Things!
Dougal Campbell
How To Lock Down And Secure Your Wordpress
Chelsea O'Brien
WordPress Security 101
Manifest Creative
Your WordPress Site is and is not Hacked - You don't know until you check
Angela Bowman
WordPress Site Management - Keeping Your Creation Happy, Healthy and Secure
Meagan Hanes
Protect Your WordPress From The Inside Out
SiteGround.com
WordPress Security Essential Tips & Tricks
Faraz Ahmed
Refresh WordPress Beginner Workshop
David Bisset
Google says you shouldn’t visit my church
Justin Jones
WordPress Security Essentials
Angela Bowman
Gaining (and Not Betraying) User Trust in WordPress eCommerce
Andrew Wikel

More from Michele Butcher-Jones

Elevating Customer Experiences
Michele Butcher-Jones
You Don't Have to be Crazy to Work Here! A Mental Health Check
Michele Butcher-Jones
WordPress London: Creating a 5 Star Customer Experience
Michele Butcher-Jones
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Michele Butcher-Jones
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
Michele Butcher-Jones
My website is live now what?
Michele Butcher-Jones
WordCamp St Louis 2018 Contributing Without Coding
Michele Butcher-Jones
The Five Star Customer Service Experience
Michele Butcher-Jones
Demons in the Closet WordCamp Montreal 2016
Michele Butcher-Jones
Jetpack All The Things
Michele Butcher-Jones
So i have a website now what?
Michele Butcher-Jones
WordPress for beginners lesson 4 fall2015 JALC
Michele Butcher-Jones
Word press for beginners lesson 3 jalc fall 2015
Michele Butcher-Jones
Beginners WordPress JALC Lesson 2
Michele Butcher-Jones
WordPress For Beginners Lesson 1 JALC Fall 2015
Michele Butcher-Jones
Zero To WordPress Plubish
Michele Butcher-Jones
How to Contribute Without Code - WordCamp Miami 2015
Michele Butcher-Jones
WordCamp Nashville 2015 From Zero to WordPress Publish (Beginner's WordPress)
Michele Butcher-Jones
Beginning WordPress Security WordCamp North Canton 2015
Michele Butcher-Jones
WordCamp Minnepolis 2015: From Zero To WordPress Publish
Michele Butcher-Jones

Featured

What to Upload to SlideShare
SlideShare
Be A Great Product Leader (Amplify, Oct 2019)
Adam Nash
Trillion Dollar Coach Book (Bill Campbell)
Eric Schmidt
APIdays Paris 2019 - Innovation @ scale, APIs as Digital Factories' New Machi...
apidays
A few thoughts on work life-balance
Wim Vanderbauwhede
Is vc still a thing final
Mark Suster
The GaryVee Content Model
Gary Vaynerchuk
Mammalian Brain Chemistry Explains Everything
Loretta Breuning, PhD
Blockchain + AI + Crypto Economics Are We Creating a Code Tsunami?
Dinis Guarda
The AI Rush
Jean-Baptiste Dumont
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
Carol Smith
10 facts about jobs in the future
Pew Research Center's Internet & American Life Project
Harry Surden - Artificial Intelligence and Law Overview
Harry Surden
Inside Google's Numbers in 2017
Rand Fishkin
Pinot: Realtime Distributed OLAP datastore
Kishore Gopalakrishna
How to Become a Thought Leader in Your Niche
Leslie Samuel
Visual Design with Data
Seth Familian
Designing Teams for Emerging Challenges
Aaron Irizarry
UX, ethnography and possibilities: for Libraries, Museums and Archives
Ned Potter
Winners and Losers - All the (Russian) President's Men
Ian Bremmer

Related Books

Free with a 14 day trial from Scribd

See all
The Impulse Economy: Understanding Mobile Shoppers and What Makes Them Buy Gary Schwartz
(4.5/5)
Free
Tubes: A Journey to the Center of the Internet Andrew Blum
(4/5)
Free
Emergence: The Connected Lives of Ants, Brains, Cities, and Software Steven Johnson
(4.5/5)
Free
World Wide Mind: The Coming Integration of Humanity, Machines, and the Internet Michael Chorost
(4/5)
Free
An Army of Davids: How Markets and Technology Empower Ordinary People to Beat Big Media, Big Government, and Other Goliaths Glenn Reynolds
(4/5)
Free
In the Plex: How Google Thinks, Works, and Shapes Our Lives Steven Levy
(4.5/5)
Free
Hamlet's BlackBerry: A Practical Philosophy for Building a Good Life in the Digital Age William Powers
(4/5)
Free
The Thank You Economy Gary Vaynerchuk
(4/5)
Free
Talking Back to Facebook: The Common Sense Guide to Raising Kids in the Digital Age James P. Steyer
(4.5/5)
Free
The Nature of the Future: Dispatches from the Socialstructed World Marina Gorbis
(4/5)
Free
Public Parts: How Sharing in the Digital Age Improves the Way We Work and Live Jeff Jarvis
(3.5/5)
Free
Socialnomics: How Social Media Transforms the Way We Live and Do Business Erik Qualman
(4/5)
Free
The End of Business As Usual: Rewire the Way You Work to Succeed in the Consumer Revolution Brian Solis
(5/5)
Free
Blog Schmog: The Truth About What Blogs Can (and Can't) Do for Your Business Robert W. Bly
(4/5)
Free
Google's PageRank and Beyond: The Science of Search Engine Rankings Amy N. Langville
(3/5)
Free
Digital Vertigo: How Today's Online Social Revolution Is Dividing, Diminishing, and Disorienting Us Andrew Keen
(3/5)
Free

Related Audiobooks

Free with a 14 day trial from Scribd

See all
Platform: Get Noticed in a Noisy World Michael Hyatt
(4.5/5)
Free
Ten Arguments for Deleting Your Social Media Accounts Right Now Jaron Lanier
(4/5)
Free
Stop Checking Your Likes: Shake Off the Need for Approval and Live an Incredible Life Susie Moore
(4/5)
Free
So You Want to Start a Podcast: Finding Your Voice, Telling Your Story, and Building a Community that Will Listen Findaway
(4.5/5)
Free
This Machine Kills Secrets: How Wikileakers, Cypherpunks, and Hacktivists Aim to Free the World's Information Andy Greenberg
(4/5)
Free
The Dark Net: Inside the Digital Underworld Jamie Bartlett
(4/5)
Free
Who Owns the Future? Jaron Lanier
(4/5)
Free
Kill All Normies: Online Culture Wars From 4Chan And Tumblr To Trump And The Alt-Right Angela Nagle
(4/5)
Free
Cryptography: The Key to Digital Security, How It Works, and Why It Matters Keith Martin
(4/5)
Free
Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous Gabriella Coleman
(4/5)
Free
Cyberwar: How Russian Hackers and Trolls Helped Elect a President—What We Don't, Can't, and Do Know Kathleen Hall Jamieson
(3/5)
Free
Exploding Data: Reclaiming Our Cyber Security in the Digital Age Michael Chertoff
(4.5/5)
Free
Internet Riches: The Simple Money-Making Secrets of Online Millionaires Scott Fox
(4/5)
Free
Blockchain Revolution: How the Technology Behind Bitcoin Is Changing Money, Business, and the World Don Tapscott
(4/5)
Free
The Secret Life: Three True Stories of the Digital Age Andrew O'Hagan
(4/5)
Free
Leading in the Digital World: How to Foster Creativity, Collaboration, and Inclusivity Amit S. Mukherjee
(0/5)
Free

Security Isn't Scary and It's Not Rocket Science either.

  1. 1. Security isn't scary, and it’s not rocket science either. Michele Butcher ! CantSpeakGeek.com WPSecurityLock.com ! @Michele_Butcher ! Slides can be found at http://mlb.pw/k1mbf
  2. 2. Michele Butcher • WordPress Consultant, Site Cleaner, and Trainer for 
 WP Security Lock • WordPress Manager for Megabytes Inc • One Woman Wonder at 
 Can’t Speak Geek @michele_butcher
  3. 3. Why is security important? @michele_butcher
  4. 4. Every day hackers try to find ways to get your information. @michele_butcher
  5. 5. Why do hackers hack? • Make bank • Build a zombie site army • Share their nasty malware with the world • Get your information • They are bored • They want to see if they can do it @michele_butcher
  6. 6. Why are these people attacking me? Anymore, it is not people but bots attacking your site. Hackers have programs that do the work for them. ! Rarely is it people doing the hacking unless it is targeted. Strong opinion sites are a good example. @michele_butcher
  7. 7. How do they get in? • Guess your login. If you know it so can someone else. (Brute force attack or man in the middle) • Denial of Service attack (DDoS) flood your site with more traffic than it can handle • Through a theme, file or plugin • Through your FTP or CPanel. (Files set to read, write,execute. Brute force, anonymous login, shared hosting infection) @michele_butcher
  8. 8. And now for the only thing scary that I am going to say. @michele_butcher
  9. 9. You are NEVER 100% secure @michele_butcher
  10. 10. Even a test site or a knitting site with only 2 visitors can be hacked. It can happen to your site. @michele_butcher
  11. 11. Don’t let security make you like this guy. @michele_butcher
  12. 12. But there are ways to keep the hacker attackers out! @michele_butcher
  13. 13. WordPress Security Basics @michele_butcher
  14. 14. Never ever ever use admin as user name or password as password. Never! @michele_butcher
  15. 15. ALWAYS change your prefix name from wp_ Let it be anything other than wp_ fdhsfjkhs_ is always good I typically do not even look at what I am typing anymore when I make the WP prefix. The random the better. @michele_butcher
  16. 16. If you do have to let others into your dashboard or FTP… • Use SFTP Always! • Only give them access to what they NEED not what they want • If it is only a temporary login, delete their login when they have completed their job. • Set up a file change detection notification to know what they are changing in your site. @michele_butcher
  17. 17. What about security plugins? @michele_butcher
  18. 18. iThemes Security Great all encompassing best practices WordPress security plugin. Two versions a free and a premium. ! http://ithemes.com/security @michele_butcher
  19. 19. Brute Protect If you are mainly worried about DDoS attacks, Brute Protect has you covered. ! http://bruteprotect.com @michele_butcher
  20. 20. Who can scan my site for malware? Google Webmaster Tools http://google.com/webmaster ! VirusTotal https://virustotal.com ! iThemes Security Pro htttp://ithemes.com/security @michele_butcher
  21. 21. Need an extra eye on your site? CloudFlare has a free and premium version. http://cloudflare.com @michele_butcher
  22. 22. Update! Update! Update! Update core, update plugins, update themes, update content, update everything and update often! ! The biggest source of nearly all hacks as once something is patched, it is trivial to get into the old stuff. @michele_butcher
  23. 23. Have a minimalist approach to plugins and themes. • Only have the plugins you are using at that time on your site. You can always upload them again later. • Only have your theme you are using on your site. • If something is not active, delete it. @michele_butcher
  24. 24. Back up your site! ! Somewhere, anywhere, just have a backup copy. BackupBuddy from iThemes is a great choice. iThemes Security will do a database backup for you. ! http://ithemes.com/backupbuddy @michele_butcher
  25. 25. Always back up to someplace OTHER than your server. If the server gets hacked, so does your backup. @michele_butcher
  26. 26. Don’t let your site get lonely. Lonely sites can turn into zombie sites and nobody wants a zombie @michele_butcher
  27. 27. If your website get hacked it is not the end of the world. ! It can and will be fixed. @michele_butcher
  28. 28. Who cleans hacked websites? Well I do over at WP Security Lock ~Smile~ ! http://wpsecuritylock.com I apologize… had to do one shameful plug. @michele_butcher
  29. 29. What are other ways I can be more secure? @michele_butcher
  30. 30. ALWAYS use complex passwords. ALWAYS! For everything! “password” is never a good password! @michele_butcher
  31. 31. Never email passwords to anyone. Including yourself. ! Use a different password for each and every thing you log into. ! Use something like LastPass or 1Password to share passwords with others. @michele_butcher
  32. 32. If the login has a Two-Factor authentication, use it! @michele_butcher
  33. 33. Anti-virus Protect your unit! Yes I even have an anti-virus on my Mac! AVG and Avast have free versions as well as paid. Kaspersky is great with Windows and Macs. @michele_butcher
  34. 34. Be conscious when using public WiFi. @michele_butcher
  35. 35. Use a VPN when connecting out in the wild. torguard.com @michele_butcher
  36. 36. Update! Update! Update! Let me say this again
  37. 37. Back up everything and back it up often. If you fear you might lose information, save it in more than one spot. Bitcasa, Carbonite, and external hard drives are great options of backing up data. @michele_butcher
  38. 38. Questions? @michele_butcher
  39. 39. Thank you for attending! Slides can be found at http://mlb.pw/k1mbf Michele Butcher @michele_butcher http://wpsecuritylock.com http://cantspeakgeek.com

×