SlideShare a Scribd company logo

Security Isn't Scary and It's Not Rocket Science either.

1 of 39
Download to read offline
Security isn't scary, and
it’s not rocket science
either.
Michele Butcher
!
CantSpeakGeek.com WPSecurityLock.com
!
@Michele_Butcher
!
Slides can be found at http://mlb.pw/k1mbf
Michele Butcher
• WordPress Consultant, Site
Cleaner, and Trainer for 

WP Security Lock
• WordPress Manager for
Megabytes Inc
• One Woman Wonder at 

Can’t Speak Geek
@michele_butcher
Why is security
important?
@michele_butcher
Every day hackers try
to find ways to get
your information.
@michele_butcher
Why do hackers hack?
• Make bank
• Build a zombie site army
• Share their nasty malware with the world
• Get your information
• They are bored
• They want to see if they can do it
@michele_butcher
Why are these people
attacking me?
Anymore, it is not people but bots attacking your site.
Hackers have programs that do the work for them.
!
Rarely is it people doing the hacking unless it is targeted.
Strong opinion sites are a good example.
@michele_butcher

Recommended

Passwords, Attacks, and Security oh my!
Passwords, Attacks, and Security oh my!Passwords, Attacks, and Security oh my!
Passwords, Attacks, and Security oh my!Michele Butcher-Jones
 
Passwords, Attacks, and Security oh My!
Passwords, Attacks, and Security oh My!Passwords, Attacks, and Security oh My!
Passwords, Attacks, and Security oh My!Michele Butcher-Jones
 
Passwords, Attakcks, and Security, oh my!
Passwords, Attakcks, and Security, oh my!Passwords, Attakcks, and Security, oh my!
Passwords, Attakcks, and Security, oh my!Michele Butcher
 
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015Michele Butcher-Jones
 
Sucuri Webinar: How to identify and clean a hacked Joomla! website
Sucuri Webinar: How to identify and clean a hacked Joomla! websiteSucuri Webinar: How to identify and clean a hacked Joomla! website
Sucuri Webinar: How to identify and clean a hacked Joomla! websiteSucuri
 
Sucuri Webinar: How to Clean a Hacked Magento Website
Sucuri Webinar: How to Clean a Hacked Magento WebsiteSucuri Webinar: How to Clean a Hacked Magento Website
Sucuri Webinar: How to Clean a Hacked Magento WebsiteSucuri
 
Sucuri Webinar: WAF (Firewall) and CDN Feature Benefit Guide
Sucuri Webinar: WAF (Firewall) and CDN Feature Benefit GuideSucuri Webinar: WAF (Firewall) and CDN Feature Benefit Guide
Sucuri Webinar: WAF (Firewall) and CDN Feature Benefit GuideSucuri
 

More Related Content

What's hot

Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri
 
GoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from withinGoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from withinIMMUNIO
 
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching VulnerabilitiesRailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching VulnerabilitiesIMMUNIO
 
10 Tips to Make WordPress Your Friend
10 Tips to Make WordPress Your Friend 10 Tips to Make WordPress Your Friend
10 Tips to Make WordPress Your Friend Kerch McConlogue
 
Sucuri Webinar: How Caching Options Can Impact Your Website Speed
Sucuri Webinar: How Caching Options Can Impact Your Website SpeedSucuri Webinar: How Caching Options Can Impact Your Website Speed
Sucuri Webinar: How Caching Options Can Impact Your Website SpeedSucuri
 
WP Security - Master Class #SMWLagos2014
WP Security - Master Class #SMWLagos2014WP Security - Master Class #SMWLagos2014
WP Security - Master Class #SMWLagos2014sabinovates
 
10-ish Tips to Make WordPress Your Friend
10-ish Tips to Make WordPress Your Friend10-ish Tips to Make WordPress Your Friend
10-ish Tips to Make WordPress Your FriendKerch McConlogue
 
WordPress Security 2014 - The Basics of Security
WordPress Security 2014 - The Basics of SecurityWordPress Security 2014 - The Basics of Security
WordPress Security 2014 - The Basics of SecurityTony Perez
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Sucuri
 
Your Site vs. The World
Your Site vs. The WorldYour Site vs. The World
Your Site vs. The WorldJason Cosper
 
javascript-gone-wild-withreferences-attributions-111003035611-php
javascript-gone-wild-withreferences-attributions-111003035611-phpjavascript-gone-wild-withreferences-attributions-111003035611-php
javascript-gone-wild-withreferences-attributions-111003035611-phpApoorvi Kapoor
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityjessepollak
 
Passwords the weakest link in word press security
Passwords  the weakest link in word press securityPasswords  the weakest link in word press security
Passwords the weakest link in word press securityjessepollak
 
WordPress Security - Learning From Hacks
WordPress Security - Learning From HacksWordPress Security - Learning From Hacks
WordPress Security - Learning From HacksTony Perez
 
Foundations of Security
Foundations of SecurityFoundations of Security
Foundations of SecurityJoe Robb
 
7 duplicate content myths that simply aren't true
7 duplicate content myths that simply aren't true7 duplicate content myths that simply aren't true
7 duplicate content myths that simply aren't trueWebMeUp
 

What's hot (18)

Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best Performance
 
GoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from withinGoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from within
 
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching VulnerabilitiesRailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
 
10 Tips to Make WordPress Your Friend
10 Tips to Make WordPress Your Friend 10 Tips to Make WordPress Your Friend
10 Tips to Make WordPress Your Friend
 
Sucuri Webinar: How Caching Options Can Impact Your Website Speed
Sucuri Webinar: How Caching Options Can Impact Your Website SpeedSucuri Webinar: How Caching Options Can Impact Your Website Speed
Sucuri Webinar: How Caching Options Can Impact Your Website Speed
 
WP Security - Master Class #SMWLagos2014
WP Security - Master Class #SMWLagos2014WP Security - Master Class #SMWLagos2014
WP Security - Master Class #SMWLagos2014
 
10-ish Tips to Make WordPress Your Friend
10-ish Tips to Make WordPress Your Friend10-ish Tips to Make WordPress Your Friend
10-ish Tips to Make WordPress Your Friend
 
WordPress Security 2014 - The Basics of Security
WordPress Security 2014 - The Basics of SecurityWordPress Security 2014 - The Basics of Security
WordPress Security 2014 - The Basics of Security
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?
 
Your Site vs. The World
Your Site vs. The WorldYour Site vs. The World
Your Site vs. The World
 
Twitter Talk
Twitter TalkTwitter Talk
Twitter Talk
 
javascript-gone-wild-withreferences-attributions-111003035611-php
javascript-gone-wild-withreferences-attributions-111003035611-phpjavascript-gone-wild-withreferences-attributions-111003035611-php
javascript-gone-wild-withreferences-attributions-111003035611-php
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress security
 
Passwords the weakest link in word press security
Passwords  the weakest link in word press securityPasswords  the weakest link in word press security
Passwords the weakest link in word press security
 
WordPress Security - Learning From Hacks
WordPress Security - Learning From HacksWordPress Security - Learning From Hacks
WordPress Security - Learning From Hacks
 
Foundations of Security
Foundations of SecurityFoundations of Security
Foundations of Security
 
7 duplicate content myths that simply aren't true
7 duplicate content myths that simply aren't true7 duplicate content myths that simply aren't true
7 duplicate content myths that simply aren't true
 
Autopilot
AutopilotAutopilot
Autopilot
 

Similar to Security Isn't Scary and It's Not Rocket Science either.

Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015Michele Butcher-Jones
 
Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?Michele Butcher-Jones
 
Strategies for securing your banks & enterprises (from someone who robs bank...
 Strategies for securing your banks & enterprises (from someone who robs bank... Strategies for securing your banks & enterprises (from someone who robs bank...
Strategies for securing your banks & enterprises (from someone who robs bank...ITCamp
 
If i wake evil 360
If i wake evil   360If i wake evil   360
If i wake evil 360John Strand
 
Word camp pune 2013 security
Word camp pune 2013   securityWord camp pune 2013   security
Word camp pune 2013 securityGaurav Singh
 
Thoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for SitecoreThoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for SitecorePINT Inc
 
Sucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityjessepollak
 
WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security EssentialsAngela Bowman
 
WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012Angela Bowman
 
All Day DevOps: Calling Out A Terrible On-Call System
All Day DevOps: Calling Out A Terrible On-Call SystemAll Day DevOps: Calling Out A Terrible On-Call System
All Day DevOps: Calling Out A Terrible On-Call SystemMolly Struve
 
Sucuri Webinar: Preventing Cross-Site Contamination for Beginners
Sucuri Webinar: Preventing Cross-Site Contamination for BeginnersSucuri Webinar: Preventing Cross-Site Contamination for Beginners
Sucuri Webinar: Preventing Cross-Site Contamination for BeginnersSucuri
 
How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014Primary Image Ltd
 

Similar to Security Isn't Scary and It's Not Rocket Science either. (20)

So i have a website now what?
So i have a website now what?So i have a website now what?
So i have a website now what?
 
Keep Your SIte Secure
Keep Your SIte SecureKeep Your SIte Secure
Keep Your SIte Secure
 
Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015
 
Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?
 
I Have My WordPress Site Now What?
I Have My WordPress Site Now What?I Have My WordPress Site Now What?
I Have My WordPress Site Now What?
 
Strategies for securing your banks & enterprises (from someone who robs bank...
 Strategies for securing your banks & enterprises (from someone who robs bank... Strategies for securing your banks & enterprises (from someone who robs bank...
Strategies for securing your banks & enterprises (from someone who robs bank...
 
If i wake evil 360
If i wake evil   360If i wake evil   360
If i wake evil 360
 
Cyber security
Cyber securityCyber security
Cyber security
 
Word camp pune 2013 security
Word camp pune 2013   securityWord camp pune 2013   security
Word camp pune 2013 security
 
Thoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for SitecoreThoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for Sitecore
 
Zero To WordPress Plubish
Zero To WordPress PlubishZero To WordPress Plubish
Zero To WordPress Plubish
 
Sucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital Marketers
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress security
 
WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security Essentials
 
Website security
Website securityWebsite security
Website security
 
WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012
 
From Zero To WordPress
From Zero To WordPressFrom Zero To WordPress
From Zero To WordPress
 
All Day DevOps: Calling Out A Terrible On-Call System
All Day DevOps: Calling Out A Terrible On-Call SystemAll Day DevOps: Calling Out A Terrible On-Call System
All Day DevOps: Calling Out A Terrible On-Call System
 
Sucuri Webinar: Preventing Cross-Site Contamination for Beginners
Sucuri Webinar: Preventing Cross-Site Contamination for BeginnersSucuri Webinar: Preventing Cross-Site Contamination for Beginners
Sucuri Webinar: Preventing Cross-Site Contamination for Beginners
 
How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014
 

More from Michele Butcher-Jones

Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...Michele Butcher-Jones
 
You Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health CheckYou Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health CheckMichele Butcher-Jones
 
WordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer ExperienceWordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer ExperienceMichele Butcher-Jones
 
Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...Michele Butcher-Jones
 
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...Michele Butcher-Jones
 
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress SiteWhat To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress SiteMichele Butcher-Jones
 
WordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without CodingWordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without CodingMichele Butcher-Jones
 
Contributing to WordPress without Coding
Contributing to WordPress without CodingContributing to WordPress without Coding
Contributing to WordPress without CodingMichele Butcher-Jones
 
The Five Star Customer Service Experience
The Five Star Customer Service ExperienceThe Five Star Customer Service Experience
The Five Star Customer Service ExperienceMichele Butcher-Jones
 
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...Michele Butcher-Jones
 
Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016Michele Butcher-Jones
 
WordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALCWordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALCMichele Butcher-Jones
 
Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015Michele Butcher-Jones
 
WordPress For Beginners Lesson 1 JALC Fall 2015
WordPress For Beginners Lesson 1 JALC Fall 2015WordPress For Beginners Lesson 1 JALC Fall 2015
WordPress For Beginners Lesson 1 JALC Fall 2015Michele Butcher-Jones
 

More from Michele Butcher-Jones (20)

Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
 
Elevating Customer Experiences
Elevating Customer ExperiencesElevating Customer Experiences
Elevating Customer Experiences
 
You Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health CheckYou Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health Check
 
WordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer ExperienceWordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer Experience
 
Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...
 
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
 
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress SiteWhat To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
 
The Five Star Customer Experience
The Five Star Customer ExperienceThe Five Star Customer Experience
The Five Star Customer Experience
 
Taming the Demons in the Closet
Taming the Demons in the ClosetTaming the Demons in the Closet
Taming the Demons in the Closet
 
My website is live now what?
My website is live now what?My website is live now what?
My website is live now what?
 
WordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without CodingWordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without Coding
 
Contributing to WordPress without Coding
Contributing to WordPress without CodingContributing to WordPress without Coding
Contributing to WordPress without Coding
 
The Five Star Customer Service Experience
The Five Star Customer Service ExperienceThe Five Star Customer Service Experience
The Five Star Customer Service Experience
 
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
 
Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016
 
Jetpack All The Things
Jetpack All The ThingsJetpack All The Things
Jetpack All The Things
 
WordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALCWordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALC
 
Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015
 
Beginners WordPress JALC Lesson 2
Beginners WordPress JALC Lesson 2Beginners WordPress JALC Lesson 2
Beginners WordPress JALC Lesson 2
 
WordPress For Beginners Lesson 1 JALC Fall 2015
WordPress For Beginners Lesson 1 JALC Fall 2015WordPress For Beginners Lesson 1 JALC Fall 2015
WordPress For Beginners Lesson 1 JALC Fall 2015
 

Recently uploaded

DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023Damar Juniarto
 
Biometrics Technology Intresting PPT
Biometrics Technology Intresting PPTBiometrics Technology Intresting PPT
Biometrics Technology Intresting PPTPraveenKumarThota7
 
Model Jaringan network jaringan komputer.pdf
Model Jaringan network jaringan komputer.pdfModel Jaringan network jaringan komputer.pdf
Model Jaringan network jaringan komputer.pdfgalfinprihardiputra0
 
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...Prometix Pty Ltd
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 

Recently uploaded (6)

DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023
 
Biometrics Technology Intresting PPT
Biometrics Technology Intresting PPTBiometrics Technology Intresting PPT
Biometrics Technology Intresting PPT
 
Model Jaringan network jaringan komputer.pdf
Model Jaringan network jaringan komputer.pdfModel Jaringan network jaringan komputer.pdf
Model Jaringan network jaringan komputer.pdf
 
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 

Security Isn't Scary and It's Not Rocket Science either.

  • 1. Security isn't scary, and it’s not rocket science either. Michele Butcher ! CantSpeakGeek.com WPSecurityLock.com ! @Michele_Butcher ! Slides can be found at http://mlb.pw/k1mbf
  • 2. Michele Butcher • WordPress Consultant, Site Cleaner, and Trainer for 
 WP Security Lock • WordPress Manager for Megabytes Inc • One Woman Wonder at 
 Can’t Speak Geek @michele_butcher
  • 4. Every day hackers try to find ways to get your information. @michele_butcher
  • 5. Why do hackers hack? • Make bank • Build a zombie site army • Share their nasty malware with the world • Get your information • They are bored • They want to see if they can do it @michele_butcher
  • 6. Why are these people attacking me? Anymore, it is not people but bots attacking your site. Hackers have programs that do the work for them. ! Rarely is it people doing the hacking unless it is targeted. Strong opinion sites are a good example. @michele_butcher
  • 7. How do they get in? • Guess your login. If you know it so can someone else. (Brute force attack or man in the middle) • Denial of Service attack (DDoS) flood your site with more traffic than it can handle • Through a theme, file or plugin • Through your FTP or CPanel. (Files set to read, write,execute. Brute force, anonymous login, shared hosting infection) @michele_butcher
  • 8. And now for the only thing scary that I am going to say. @michele_butcher
  • 9. You are NEVER 100% secure @michele_butcher
  • 10. Even a test site or a knitting site with only 2 visitors can be hacked. It can happen to your site. @michele_butcher
  • 11. Don’t let security make you like this guy. @michele_butcher
  • 12. But there are ways to keep the hacker attackers out! @michele_butcher
  • 14. Never ever ever use admin as user name or password as password. Never! @michele_butcher
  • 15. ALWAYS change your prefix name from wp_ Let it be anything other than wp_ fdhsfjkhs_ is always good I typically do not even look at what I am typing anymore when I make the WP prefix. The random the better. @michele_butcher
  • 16. If you do have to let others into your dashboard or FTP… • Use SFTP Always! • Only give them access to what they NEED not what they want • If it is only a temporary login, delete their login when they have completed their job. • Set up a file change detection notification to know what they are changing in your site. @michele_butcher
  • 18. iThemes Security Great all encompassing best practices WordPress security plugin. Two versions a free and a premium. ! http://ithemes.com/security @michele_butcher
  • 19. Brute Protect If you are mainly worried about DDoS attacks, Brute Protect has you covered. ! http://bruteprotect.com @michele_butcher
  • 20. Who can scan my site for malware? Google Webmaster Tools http://google.com/webmaster ! VirusTotal https://virustotal.com ! iThemes Security Pro htttp://ithemes.com/security @michele_butcher
  • 21. Need an extra eye on your site? CloudFlare has a free and premium version. http://cloudflare.com @michele_butcher
  • 22. Update! Update! Update! Update core, update plugins, update themes, update content, update everything and update often! ! The biggest source of nearly all hacks as once something is patched, it is trivial to get into the old stuff. @michele_butcher
  • 23. Have a minimalist approach to plugins and themes. • Only have the plugins you are using at that time on your site. You can always upload them again later. • Only have your theme you are using on your site. • If something is not active, delete it. @michele_butcher
  • 24. Back up your site! ! Somewhere, anywhere, just have a backup copy. BackupBuddy from iThemes is a great choice. iThemes Security will do a database backup for you. ! http://ithemes.com/backupbuddy @michele_butcher
  • 25. Always back up to someplace OTHER than your server. If the server gets hacked, so does your backup. @michele_butcher
  • 26. Don’t let your site get lonely. Lonely sites can turn into zombie sites and nobody wants a zombie @michele_butcher
  • 27. If your website get hacked it is not the end of the world. ! It can and will be fixed. @michele_butcher
  • 28. Who cleans hacked websites? Well I do over at WP Security Lock ~Smile~ ! http://wpsecuritylock.com I apologize… had to do one shameful plug. @michele_butcher
  • 29. What are other ways I can be more secure? @michele_butcher
  • 30. ALWAYS use complex passwords. ALWAYS! For everything! “password” is never a good password! @michele_butcher
  • 31. Never email passwords to anyone. Including yourself. ! Use a different password for each and every thing you log into. ! Use something like LastPass or 1Password to share passwords with others. @michele_butcher
  • 32. If the login has a Two-Factor authentication, use it! @michele_butcher
  • 33. Anti-virus Protect your unit! Yes I even have an anti-virus on my Mac! AVG and Avast have free versions as well as paid. Kaspersky is great with Windows and Macs. @michele_butcher
  • 34. Be conscious when using public WiFi. @michele_butcher
  • 35. Use a VPN when connecting out in the wild. torguard.com @michele_butcher
  • 37. Back up everything and back it up often. If you fear you might lose information, save it in more than one spot. Bitcasa, Carbonite, and external hard drives are great options of backing up data. @michele_butcher
  • 39. Thank you for attending! Slides can be found at http://mlb.pw/k1mbf Michele Butcher @michele_butcher http://wpsecuritylock.com http://cantspeakgeek.com