SlideShare a Scribd company logo

Introduction to WordPress Security

Nile Flores
Nile Flores

Keeping your website secure is important. No one likes a site that has nasty code injections or has been defaced. In fact, WordPress Security is one of the issues that continually needs to be taught to WordPressers around the world because for some people, their website is their livelihood. I’m not here to make your head pop up with mind boggling hardening tricks. I’m hear to give you an introduction to WordPress Security. I might make you laugh, but security is a serious matter. I will be covering a couple methods to secure your WordPress website, and even a couple beginner tips on what to do if your site has been hacked. By the end of this session, I hope you find a security method that suits you, and are more aware of the importance of securing your WordPress website. Originally presented at WordCamp Philly 2015

Technology
1 of 27
Download to read offline
Introduction to WordPress Security By Nile Flores @blondishnet http://blondish.net
Objective ❏ Answer why security is important ❏ Basic WordPress security tips ❏ Some related general security tips that work hand-in-hand with WordPress security ❏ WordPress security plugin suggestions ❏ Resources to learn more about security
Why is WordPress security important? Your website may be your livelihood. Like getting insurance and putting an alarm on your home or car, implementing security techniques or “hardening” your site protects your investment.
Why you? It’s not about you. It’s not even about how much traffic you get. The hacks are usually with bots and done randomly.
Ways In ❏ Your Internet Service Provider/ includes Wifi ❏ Your Email ❏ Your Web Hosting Account ❏ Web Scripts/ Software (Yes, this includes WordPress)
Why do people hack? ❏ Make money ❏ Curiosity
So, how does WordPress get compromised? ❏ Brute Force through your login ❏ Theme files ❏ Plugin files ❏ WordPress core files ❏ FTP/ Cpanel/ Plesk ❏ Bot attack/ DDoS
Security is an ongoing process. Technology is always advancing, so you’re never going to be 100% secure.
HOWEVER… Remember that “insurance” part I mentioned?
#1 Piece of WordPress Security Advice ALWAYS keep your WordPress core, themes, and plugins up-to-date!
#2 Most Important Thing ALWAYS back up your website. Oh, and don’t just save the backup in one place. Store them in a couple places.
More WordPress Security Tips
Your Username Your username should never be “admin”
Your Password ❏ You should never use “password” for your password ❏ Use sites like LastPass.com to save passwords ❏ Use different passwords for different websites
Passwords (continued…) Try using a plugin that contains two-factor authentication. Clef Two-Factor Authentication is a cool one to use - http://bit.ly/1GK2OqB
WordPress Database Prefix Change your database prefix. (By default it’s wp_ )
Security Advice for Multiple Users ❏ Set their roles ❏ Don’t allow them full access to your web hosting account ❏ Remove users who are temporary tenants ❏ Don’t send their password from the WordPress admin panel
Themes ❏ Keep your theme up-to-date ❏ Consider child theming - http://bit.ly/1cjzSdt ❏ Vett your theme ❏ Remove themes that you’re not using
Plugins ❏ Keep your plugin up-to-date ❏ Vett your plugins before using ❏ Remove plugins that you’re not using
WordPress Security Plugins ❏ Brute Protect (included in Jetpack) - http: //bruteprotect.com/ ❏ iThemes Security - http://bit.ly/1cNkPpN ❏ Wordfence - http://bit.ly/1ikXHyS ❏ Sucuri Security - http://bit.ly/1He85sW
More WordPress Security Resources ❏ Codex (Hardening WordPress) - http://bit. ly/19fxUmu ❏ How to Secure Your WordPress Blog - http: //bit.ly/1dzTESE
Not code savvy? If you don’t know code and were hacked, don’t worry… there’s always someone out there that offers Hack cleanups, and also Security audit services.
Any Questions Nile Flores http://blondish.net Subscribe to my weekly newsletter! Twitter: @blondishnet Facebook: http://facebook.com/NileFlores SlideShare: http://slideshare.net/blondishnet All About WordPress group on Facebook

Recommended

Introduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedIntroduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedNile Flores
 
Teaching Your Clients How to Use WordPress
Teaching Your Clients How to Use WordPressTeaching Your Clients How to Use WordPress
Teaching Your Clients How to Use WordPressNile Flores
 
Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress SecurityNile Flores
 
Introduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedIntroduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedNile Flores
 
Creating a WordPress Website that Works from the Start
Creating a WordPress Website that Works from the StartCreating a WordPress Website that Works from the Start
Creating a WordPress Website that Works from the StartNile Flores
 
Basic Wordpress Session
Basic Wordpress SessionBasic Wordpress Session
Basic Wordpress SessionVipul Garg
 
Wordpress as a CMS
Wordpress as a CMSWordpress as a CMS
Wordpress as a CMSmarkirby
 
Staying Connected: Securing Your WordPress Website
Staying Connected: Securing Your WordPress WebsiteStaying Connected: Securing Your WordPress Website
Staying Connected: Securing Your WordPress WebsiteRaymund Mitchell
 

Recommended

Introduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedIntroduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedNile Flores
 
Teaching Your Clients How to Use WordPress
Teaching Your Clients How to Use WordPressTeaching Your Clients How to Use WordPress
Teaching Your Clients How to Use WordPressNile Flores
 
Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress SecurityNile Flores
 
Introduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedIntroduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedNile Flores
 
Creating a WordPress Website that Works from the Start
Creating a WordPress Website that Works from the StartCreating a WordPress Website that Works from the Start
Creating a WordPress Website that Works from the StartNile Flores
 
Basic Wordpress Session
Basic Wordpress SessionBasic Wordpress Session
Basic Wordpress SessionVipul Garg
 
Wordpress as a CMS
Wordpress as a CMSWordpress as a CMS
Wordpress as a CMSmarkirby
 
Staying Connected: Securing Your WordPress Website
Staying Connected: Securing Your WordPress WebsiteStaying Connected: Securing Your WordPress Website
Staying Connected: Securing Your WordPress WebsiteRaymund Mitchell
 
Getting Started with Wordpress
Getting Started with WordpressGetting Started with Wordpress
Getting Started with WordpressTom Semmes
 
Resources and lessons for using WordPress in your business
Resources and lessons for using WordPress in your businessResources and lessons for using WordPress in your business
Resources and lessons for using WordPress in your businessSteven Slack
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPressEunus Hosen
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPressCraig Bailey
 
WordPress for Beginners | WordCamp Birmingham
WordPress for Beginners | WordCamp BirminghamWordPress for Beginners | WordCamp Birmingham
WordPress for Beginners | WordCamp BirminghamBrian Krogsgard
 
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin ThomasCtrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin ThomasResellerClub
 
The Child Theme Dilemma (EN) - Milano Edition
The Child Theme Dilemma (EN) - Milano EditionThe Child Theme Dilemma (EN) - Milano Edition
The Child Theme Dilemma (EN) - Milano EditionTorsten Landsiedel
 
How to Clear WordPress Cache?
How to Clear WordPress Cache?How to Clear WordPress Cache?
How to Clear WordPress Cache?HTS Hosting
 
Web development
Web development Web development
Web development Nikhil Charde
 
Empathetc Development
Empathetc DevelopmentEmpathetc Development
Empathetc DevelopmentKyle Evans
 
WordPress Basics
WordPress BasicsWordPress Basics
WordPress BasicsKyrie Tompkins
 
WordCamp Denmark Keynote
WordCamp Denmark KeynoteWordCamp Denmark Keynote
WordCamp Denmark KeynoteFrederick Townes
 
WordCamp Netherlands Keynote
WordCamp Netherlands KeynoteWordCamp Netherlands Keynote
WordCamp Netherlands KeynoteFrederick Townes
 
WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017
WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017
WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017Bhushan Jawle
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPressTanzeel Ahmad Mujahid
 
Word press 3 @ wordcamp
Word press 3 @ wordcampWord press 3 @ wordcamp
Word press 3 @ wordcampTris Hussey
 
Wp frameworks- WordCamp KTM #10
Wp frameworks- WordCamp KTM #10Wp frameworks- WordCamp KTM #10
Wp frameworks- WordCamp KTM #10Suman Maharjan
 
From simple html to Wordpress
From simple html to WordpressFrom simple html to Wordpress
From simple html to WordpressSteffen Muldbjerg
 
Wordpress CMS tutorial and guide manual
Wordpress CMS tutorial and guide manualWordpress CMS tutorial and guide manual
Wordpress CMS tutorial and guide manualRalph Francis Cue
 
Intro to WordPress Child Themes
Intro to WordPress Child ThemesIntro to WordPress Child Themes
Intro to WordPress Child Themesvegasgeek
 
PSD to WordPress
PSD to WordPressPSD to WordPress
PSD to WordPressNile Flores
 
Making Money Using WordPress
Making Money Using WordPressMaking Money Using WordPress
Making Money Using WordPressNile Flores
 

More Related Content

What's hot

Getting Started with Wordpress
Getting Started with WordpressGetting Started with Wordpress
Getting Started with WordpressTom Semmes
 
Resources and lessons for using WordPress in your business
Resources and lessons for using WordPress in your businessResources and lessons for using WordPress in your business
Resources and lessons for using WordPress in your businessSteven Slack
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPressEunus Hosen
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPressCraig Bailey
 
WordPress for Beginners | WordCamp Birmingham
WordPress for Beginners | WordCamp BirminghamWordPress for Beginners | WordCamp Birmingham
WordPress for Beginners | WordCamp BirminghamBrian Krogsgard
 
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin ThomasCtrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin ThomasResellerClub
 
The Child Theme Dilemma (EN) - Milano Edition
The Child Theme Dilemma (EN) - Milano EditionThe Child Theme Dilemma (EN) - Milano Edition
The Child Theme Dilemma (EN) - Milano EditionTorsten Landsiedel
 
How to Clear WordPress Cache?
How to Clear WordPress Cache?How to Clear WordPress Cache?
How to Clear WordPress Cache?HTS Hosting
 
Empathetc Development
Empathetc DevelopmentEmpathetc Development
Empathetc DevelopmentKyle Evans
 
WordCamp Netherlands Keynote
WordCamp Netherlands KeynoteWordCamp Netherlands Keynote
WordCamp Netherlands KeynoteFrederick Townes
 
WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017
WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017
WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017Bhushan Jawle
 
Word press 3 @ wordcamp
Word press 3 @ wordcampWord press 3 @ wordcamp
Word press 3 @ wordcampTris Hussey
 
Wp frameworks- WordCamp KTM #10
Wp frameworks- WordCamp KTM #10Wp frameworks- WordCamp KTM #10
Wp frameworks- WordCamp KTM #10Suman Maharjan
 
From simple html to Wordpress
From simple html to WordpressFrom simple html to Wordpress
From simple html to WordpressSteffen Muldbjerg
 
Wordpress CMS tutorial and guide manual
Wordpress CMS tutorial and guide manualWordpress CMS tutorial and guide manual
Wordpress CMS tutorial and guide manualRalph Francis Cue
 
Intro to WordPress Child Themes
Intro to WordPress Child ThemesIntro to WordPress Child Themes
Intro to WordPress Child Themesvegasgeek
 

What's hot (20)

Getting Started with Wordpress
Getting Started with WordpressGetting Started with Wordpress
Getting Started with Wordpress
 
Resources and lessons for using WordPress in your business
Resources and lessons for using WordPress in your businessResources and lessons for using WordPress in your business
Resources and lessons for using WordPress in your business
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPress
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPress
 
WordPress for Beginners | WordCamp Birmingham
WordPress for Beginners | WordCamp BirminghamWordPress for Beginners | WordCamp Birmingham
WordPress for Beginners | WordCamp Birmingham
 
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin ThomasCtrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
 
The Child Theme Dilemma (EN) - Milano Edition
The Child Theme Dilemma (EN) - Milano EditionThe Child Theme Dilemma (EN) - Milano Edition
The Child Theme Dilemma (EN) - Milano Edition
 
How to Clear WordPress Cache?
How to Clear WordPress Cache?How to Clear WordPress Cache?
How to Clear WordPress Cache?
 
Web development
Web development Web development
Web development
 
Empathetc Development
Empathetc DevelopmentEmpathetc Development
Empathetc Development
 
WordPress Basics
WordPress BasicsWordPress Basics
WordPress Basics
 
WordCamp Denmark Keynote
WordCamp Denmark KeynoteWordCamp Denmark Keynote
WordCamp Denmark Keynote
 
WordCamp Netherlands Keynote
WordCamp Netherlands KeynoteWordCamp Netherlands Keynote
WordCamp Netherlands Keynote
 
WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017
WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017
WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPress
 
Word press 3 @ wordcamp
Word press 3 @ wordcampWord press 3 @ wordcamp
Word press 3 @ wordcamp
 
Wp frameworks- WordCamp KTM #10
Wp frameworks- WordCamp KTM #10Wp frameworks- WordCamp KTM #10
Wp frameworks- WordCamp KTM #10
 
From simple html to Wordpress
From simple html to WordpressFrom simple html to Wordpress
From simple html to Wordpress
 
Wordpress CMS tutorial and guide manual
Wordpress CMS tutorial and guide manualWordpress CMS tutorial and guide manual
Wordpress CMS tutorial and guide manual
 
Intro to WordPress Child Themes
Intro to WordPress Child ThemesIntro to WordPress Child Themes
Intro to WordPress Child Themes
 

Viewers also liked

PSD to WordPress
PSD to WordPressPSD to WordPress
PSD to WordPressNile Flores
 
Making Money Using WordPress
Making Money Using WordPressMaking Money Using WordPress
Making Money Using WordPressNile Flores
 
How Blogging Can Benefit Your Business
How Blogging Can Benefit Your BusinessHow Blogging Can Benefit Your Business
How Blogging Can Benefit Your BusinessNile Flores
 
WordPress Custom Post Types
WordPress Custom Post TypesWordPress Custom Post Types
WordPress Custom Post TypesNile Flores
 
How to Make the Most out of Yoast SEO
How to Make the Most out of Yoast SEOHow to Make the Most out of Yoast SEO
How to Make the Most out of Yoast SEONile Flores
 
Design and Development Techniques for Accessibility: WordCamp Tampa 2015
Design and Development Techniques for Accessibility: WordCamp Tampa 2015Design and Development Techniques for Accessibility: WordCamp Tampa 2015
Design and Development Techniques for Accessibility: WordCamp Tampa 2015Robert Jolly
 
Miglioriamo le performance di wordpress
Miglioriamo le performance di wordpress Miglioriamo le performance di wordpress
Miglioriamo le performance di wordpress GGDBologna
 
Using Curated Content in WordPress - Why and How
Using Curated Content in WordPress - Why and HowUsing Curated Content in WordPress - Why and How
Using Curated Content in WordPress - Why and HowAdam W. Warner
 
Creating and Managing Content on Your WordPress Site
Creating and Managing Content on Your WordPress SiteCreating and Managing Content on Your WordPress Site
Creating and Managing Content on Your WordPress SiteKelly Henderson
 
Power Up Your Non-Profit Website With WordPress
Power Up Your Non-Profit Website With WordPressPower Up Your Non-Profit Website With WordPress
Power Up Your Non-Profit Website With WordPressRaymund Mitchell
 
Build your website before you install wordpress.
Build your website before you install wordpress.Build your website before you install wordpress.
Build your website before you install wordpress.Russell Aaron
 
Reno-Tahoe WordCamp 2011 - WordPress End User Security - Dre Armeda
Reno-Tahoe WordCamp 2011 - WordPress End User Security - Dre ArmedaReno-Tahoe WordCamp 2011 - WordPress End User Security - Dre Armeda
Reno-Tahoe WordCamp 2011 - WordPress End User Security - Dre ArmedaDre Armeda
 
WordCamp Nashville: Clean Code for WordPress
WordCamp Nashville: Clean Code for WordPressWordCamp Nashville: Clean Code for WordPress
WordCamp Nashville: Clean Code for WordPressmtoppa
 
Categories, Tags, Custom Post Types! Oh My!
Categories, Tags, Custom Post Types! Oh My!Categories, Tags, Custom Post Types! Oh My!
Categories, Tags, Custom Post Types! Oh My!sprclldr
 
A house with no walls: Creating a site structure for the future
A house with no walls: Creating a site structure for the futureA house with no walls: Creating a site structure for the future
A house with no walls: Creating a site structure for the futureGizmo Creative Factory, Inc.
 
Work, Life, Blog Balance
Work, Life, Blog BalanceWork, Life, Blog Balance
Work, Life, Blog BalanceAlicia Murray
 
WordPress Community: Choose your own adventure
WordPress Community: Choose your own adventureWordPress Community: Choose your own adventure
WordPress Community: Choose your own adventureAndrea Middleton
 

Viewers also liked (20)

PSD to WordPress
PSD to WordPressPSD to WordPress
PSD to WordPress
 
Making Money Using WordPress
Making Money Using WordPressMaking Money Using WordPress
Making Money Using WordPress
 
How Blogging Can Benefit Your Business
How Blogging Can Benefit Your BusinessHow Blogging Can Benefit Your Business
How Blogging Can Benefit Your Business
 
WordPress Custom Post Types
WordPress Custom Post TypesWordPress Custom Post Types
WordPress Custom Post Types
 
How to Make the Most out of Yoast SEO
How to Make the Most out of Yoast SEOHow to Make the Most out of Yoast SEO
How to Make the Most out of Yoast SEO
 
Design and Development Techniques for Accessibility: WordCamp Tampa 2015
Design and Development Techniques for Accessibility: WordCamp Tampa 2015Design and Development Techniques for Accessibility: WordCamp Tampa 2015
Design and Development Techniques for Accessibility: WordCamp Tampa 2015
 
Miglioriamo le performance di wordpress
Miglioriamo le performance di wordpress Miglioriamo le performance di wordpress
Miglioriamo le performance di wordpress
 
Using Curated Content in WordPress - Why and How
Using Curated Content in WordPress - Why and HowUsing Curated Content in WordPress - Why and How
Using Curated Content in WordPress - Why and How
 
Wordpress para seus Clientes
Wordpress para seus ClientesWordpress para seus Clientes
Wordpress para seus Clientes
 
Creating and Managing Content on Your WordPress Site
Creating and Managing Content on Your WordPress SiteCreating and Managing Content on Your WordPress Site
Creating and Managing Content on Your WordPress Site
 
Cain & Obenland — Episode 4
Cain & Obenland — Episode 4Cain & Obenland — Episode 4
Cain & Obenland — Episode 4
 
Power Up Your Non-Profit Website With WordPress
Power Up Your Non-Profit Website With WordPressPower Up Your Non-Profit Website With WordPress
Power Up Your Non-Profit Website With WordPress
 
Social SEO For Business
Social SEO For BusinessSocial SEO For Business
Social SEO For Business
 
Build your website before you install wordpress.
Build your website before you install wordpress.Build your website before you install wordpress.
Build your website before you install wordpress.
 
Reno-Tahoe WordCamp 2011 - WordPress End User Security - Dre Armeda
Reno-Tahoe WordCamp 2011 - WordPress End User Security - Dre ArmedaReno-Tahoe WordCamp 2011 - WordPress End User Security - Dre Armeda
Reno-Tahoe WordCamp 2011 - WordPress End User Security - Dre Armeda
 
WordCamp Nashville: Clean Code for WordPress
WordCamp Nashville: Clean Code for WordPressWordCamp Nashville: Clean Code for WordPress
WordCamp Nashville: Clean Code for WordPress
 
Categories, Tags, Custom Post Types! Oh My!
Categories, Tags, Custom Post Types! Oh My!Categories, Tags, Custom Post Types! Oh My!
Categories, Tags, Custom Post Types! Oh My!
 
A house with no walls: Creating a site structure for the future
A house with no walls: Creating a site structure for the futureA house with no walls: Creating a site structure for the future
A house with no walls: Creating a site structure for the future
 
Work, Life, Blog Balance
Work, Life, Blog BalanceWork, Life, Blog Balance
Work, Life, Blog Balance
 
WordPress Community: Choose your own adventure
WordPress Community: Choose your own adventureWordPress Community: Choose your own adventure
WordPress Community: Choose your own adventure
 

Similar to Introduction to WordPress Security

WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User SecurityDre Armeda
 
Word press security checklist
Word press security checklistWord press security checklist
Word press security checklistSanjay Dabhoya
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDStuartJDavidson.com
 
WordPress Security Basics
WordPress Security BasicsWordPress Security Basics
WordPress Security BasicsRyan Plas
 
WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)Michael Carnell
 
Word press security 101 2018
Word press security 101 2018 Word press security 101 2018
Word press security 101 2018 Laura Hartwig
 
Securing your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP MeetupSecuring your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP MeetupOyster Bay Marauders LLC
 
Security, more important than ever!
Security, more important than ever!Security, more important than ever!
Security, more important than ever!Marko Heijnen
 
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITERUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITEAcodez IT Solutions
 
Simple Ways to Secure and Maintain Your WordPress Website
Simple Ways to Secure and Maintain Your WordPress WebsiteSimple Ways to Secure and Maintain Your WordPress Website
Simple Ways to Secure and Maintain Your WordPress WebsiteRich Plakas
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutSiteGround.com
 
How To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressHow To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressChelsea O'Brien
 
WordPress Security Best Practices 2019 Update
WordPress Security Best Practices 2019 UpdateWordPress Security Best Practices 2019 Update
WordPress Security Best Practices 2019 UpdateZero Point Development
 
WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013Thor Kristiansen
 
Word press beirut 9th meetup march
Word press beirut 9th meetup marchWord press beirut 9th meetup march
Word press beirut 9th meetup marchFadi Nicolas Zahhar
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home OwnershipDenise (Dee) Teal
 
WordPress Security - Kulpreet Singh
WordPress Security - Kulpreet SinghWordPress Security - Kulpreet Singh
WordPress Security - Kulpreet Singhguest4fe370
 

Similar to Introduction to WordPress Security (20)

WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
 
Word press security checklist
Word press security checklistWord press security checklist
Word press security checklist
 
Secure wordpress
Secure wordpressSecure wordpress
Secure wordpress
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
 
WordPress security
WordPress securityWordPress security
WordPress security
 
WordPress Security Basics
WordPress Security BasicsWordPress Security Basics
WordPress Security Basics
 
WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)
 
I Have My WordPress Site Now What?
I Have My WordPress Site Now What?I Have My WordPress Site Now What?
I Have My WordPress Site Now What?
 
Word press security 101 2018
Word press security 101 2018 Word press security 101 2018
Word press security 101 2018
 
Securing your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP MeetupSecuring your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP Meetup
 
Security, more important than ever!
Security, more important than ever!Security, more important than ever!
Security, more important than ever!
 
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITERUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
 
Simple Ways to Secure and Maintain Your WordPress Website
Simple Ways to Secure and Maintain Your WordPress WebsiteSimple Ways to Secure and Maintain Your WordPress Website
Simple Ways to Secure and Maintain Your WordPress Website
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
 
How To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressHow To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your Wordpress
 
WordPress Security Best Practices 2019 Update
WordPress Security Best Practices 2019 UpdateWordPress Security Best Practices 2019 Update
WordPress Security Best Practices 2019 Update
 
WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013
 
Word press beirut 9th meetup march
Word press beirut 9th meetup marchWord press beirut 9th meetup march
Word press beirut 9th meetup march
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home Ownership
 
WordPress Security - Kulpreet Singh
WordPress Security - Kulpreet SinghWordPress Security - Kulpreet Singh
WordPress Security - Kulpreet Singh
 

More from Nile Flores

Practical SEO for WordPress Bloggers
Practical SEO for WordPress BloggersPractical SEO for WordPress Bloggers
Practical SEO for WordPress BloggersNile Flores
 
Make Money with WordPress for Bloggers
Make Money with WordPress for BloggersMake Money with WordPress for Bloggers
Make Money with WordPress for BloggersNile Flores
 
Social Media 101 for WordPress
Social Media 101 for WordPressSocial Media 101 for WordPress
Social Media 101 for WordPressNile Flores
 
Google Quality Guidelines 101 for WordPress Bloggers
Google Quality Guidelines 101 for WordPress BloggersGoogle Quality Guidelines 101 for WordPress Bloggers
Google Quality Guidelines 101 for WordPress BloggersNile Flores
 
Troubleshooting WordPress
Troubleshooting WordPressTroubleshooting WordPress
Troubleshooting WordPressNile Flores
 
How You Can Contribute to WordPress
How You Can Contribute to WordPressHow You Can Contribute to WordPress
How You Can Contribute to WordPressNile Flores
 
Basic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website StartedBasic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website StartedNile Flores
 
Podcasting for WordPress
Podcasting for WordPressPodcasting for WordPress
Podcasting for WordPressNile Flores
 
WordPress SEO: Getting Back to the Basics
WordPress SEO: Getting Back to the BasicsWordPress SEO: Getting Back to the Basics
WordPress SEO: Getting Back to the BasicsNile Flores
 
Typography for WordPress
Typography for WordPressTypography for WordPress
Typography for WordPressNile Flores
 
WordPress for business
WordPress for businessWordPress for business
WordPress for businessNile Flores
 
Avoiding Bloggers Block
Avoiding Bloggers BlockAvoiding Bloggers Block
Avoiding Bloggers BlockNile Flores
 
Introduction to Wordpress Theme Development
Introduction to Wordpress Theme Development Introduction to Wordpress Theme Development
Introduction to Wordpress Theme Development Nile Flores
 
Rocking Out Your Site With WordPress
Rocking Out Your Site With WordPressRocking Out Your Site With WordPress
Rocking Out Your Site With WordPressNile Flores
 
Setting Up your WordPress Site like a Pro
Setting Up your WordPress Site like a ProSetting Up your WordPress Site like a Pro
Setting Up your WordPress Site like a ProNile Flores
 
WordPress Tools and Tips for any Niche
WordPress Tools and Tips for any NicheWordPress Tools and Tips for any Niche
WordPress Tools and Tips for any NicheNile Flores
 

More from Nile Flores (16)

Practical SEO for WordPress Bloggers
Practical SEO for WordPress BloggersPractical SEO for WordPress Bloggers
Practical SEO for WordPress Bloggers
 
Make Money with WordPress for Bloggers
Make Money with WordPress for BloggersMake Money with WordPress for Bloggers
Make Money with WordPress for Bloggers
 
Social Media 101 for WordPress
Social Media 101 for WordPressSocial Media 101 for WordPress
Social Media 101 for WordPress
 
Google Quality Guidelines 101 for WordPress Bloggers
Google Quality Guidelines 101 for WordPress BloggersGoogle Quality Guidelines 101 for WordPress Bloggers
Google Quality Guidelines 101 for WordPress Bloggers
 
Troubleshooting WordPress
Troubleshooting WordPressTroubleshooting WordPress
Troubleshooting WordPress
 
How You Can Contribute to WordPress
How You Can Contribute to WordPressHow You Can Contribute to WordPress
How You Can Contribute to WordPress
 
Basic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website StartedBasic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website Started
 
Podcasting for WordPress
Podcasting for WordPressPodcasting for WordPress
Podcasting for WordPress
 
WordPress SEO: Getting Back to the Basics
WordPress SEO: Getting Back to the BasicsWordPress SEO: Getting Back to the Basics
WordPress SEO: Getting Back to the Basics
 
Typography for WordPress
Typography for WordPressTypography for WordPress
Typography for WordPress
 
WordPress for business
WordPress for businessWordPress for business
WordPress for business
 
Avoiding Bloggers Block
Avoiding Bloggers BlockAvoiding Bloggers Block
Avoiding Bloggers Block
 
Introduction to Wordpress Theme Development
Introduction to Wordpress Theme Development Introduction to Wordpress Theme Development
Introduction to Wordpress Theme Development
 
Rocking Out Your Site With WordPress
Rocking Out Your Site With WordPressRocking Out Your Site With WordPress
Rocking Out Your Site With WordPress
 
Setting Up your WordPress Site like a Pro
Setting Up your WordPress Site like a ProSetting Up your WordPress Site like a Pro
Setting Up your WordPress Site like a Pro
 
WordPress Tools and Tips for any Niche
WordPress Tools and Tips for any NicheWordPress Tools and Tips for any Niche
WordPress Tools and Tips for any Niche
 

Recently uploaded

"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 

Recently uploaded (20)

"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 

Introduction to WordPress Security

  • 1. Introduction to WordPress Security By Nile Flores @blondishnet http://blondish.net
  • 2. Objective ❏ Answer why security is important ❏ Basic WordPress security tips ❏ Some related general security tips that work hand-in-hand with WordPress security ❏ WordPress security plugin suggestions ❏ Resources to learn more about security
  • 3.
  • 4.
  • 5.
  • 6.
  • 7. Why is WordPress security important? Your website may be your livelihood. Like getting insurance and putting an alarm on your home or car, implementing security techniques or “hardening” your site protects your investment.
  • 8. Why you? It’s not about you. It’s not even about how much traffic you get. The hacks are usually with bots and done randomly.
  • 9. Ways In ❏ Your Internet Service Provider/ includes Wifi ❏ Your Email ❏ Your Web Hosting Account ❏ Web Scripts/ Software (Yes, this includes WordPress)
  • 10. Why do people hack? ❏ Make money ❏ Curiosity
  • 11. So, how does WordPress get compromised? ❏ Brute Force through your login ❏ Theme files ❏ Plugin files ❏ WordPress core files ❏ FTP/ Cpanel/ Plesk ❏ Bot attack/ DDoS
  • 12. Security is an ongoing process. Technology is always advancing, so you’re never going to be 100% secure.
  • 14. #1 Piece of WordPress Security Advice ALWAYS keep your WordPress core, themes, and plugins up-to-date!
  • 15. #2 Most Important Thing ALWAYS back up your website. Oh, and don’t just save the backup in one place. Store them in a couple places.
  • 17. Your Username Your username should never be “admin”
  • 18. Your Password ❏ You should never use “password” for your password ❏ Use sites like LastPass.com to save passwords ❏ Use different passwords for different websites
  • 19. Passwords (continued…) Try using a plugin that contains two-factor authentication. Clef Two-Factor Authentication is a cool one to use - http://bit.ly/1GK2OqB
  • 20. WordPress Database Prefix Change your database prefix. (By default it’s wp_ )
  • 21. Security Advice for Multiple Users ❏ Set their roles ❏ Don’t allow them full access to your web hosting account ❏ Remove users who are temporary tenants ❏ Don’t send their password from the WordPress admin panel
  • 22. Themes ❏ Keep your theme up-to-date ❏ Consider child theming - http://bit.ly/1cjzSdt ❏ Vett your theme ❏ Remove themes that you’re not using
  • 23. Plugins ❏ Keep your plugin up-to-date ❏ Vett your plugins before using ❏ Remove plugins that you’re not using
  • 24. WordPress Security Plugins ❏ Brute Protect (included in Jetpack) - http: //bruteprotect.com/ ❏ iThemes Security - http://bit.ly/1cNkPpN ❏ Wordfence - http://bit.ly/1ikXHyS ❏ Sucuri Security - http://bit.ly/1He85sW
  • 25. More WordPress Security Resources ❏ Codex (Hardening WordPress) - http://bit. ly/19fxUmu ❏ How to Secure Your WordPress Blog - http: //bit.ly/1dzTESE
  • 26. Not code savvy? If you don’t know code and were hacked, don’t worry… there’s always someone out there that offers Hack cleanups, and also Security audit services.
  • 27. Any Questions Nile Flores http://blondish.net Subscribe to my weekly newsletter! Twitter: @blondishnet Facebook: http://facebook.com/NileFlores SlideShare: http://slideshare.net/blondishnet All About WordPress group on Facebook