SlideShare a Scribd company logo
Beginners Security
WordCamp North Canton
Michele Butcher

CantSpeakGeek.com WPSecurityLock.com

@michele_butcher
Michele Butcher
WordPress Specialist, Site
Cleaner, and Trainer for WP
Security Lock
WordPress Evangelist for
InMotion Hosting
Geek behind Can’t Speak
Geek
Beginners and Intermediate
WordPress Instructor
Why is security
important?
Many do not think security is
important until it is too late.
Every single day hackers find new ways to get your
information.
Todays features are tomorrow’s vulnerabilities.
Stop them before they stop you
Why do hackers hack?
Make bank
build a zombie army
Share their nasty code with the world
Get your information
They are bored
They want to see if they can do it
But…Why are they
hacking me?
There is rarely ever a targeted hacking attack.
Typically all sites are considered targets. The big
and the small.
And how do they get in?
They guess your login information
Denial of Service Attack (DDoS)
Through a file in a theme, plugin, or anything
on your server where they found an exploit
Through your FTP and/or cPanel
configuration
Here is the only
scary thing I will say
in this talk
You are NEVER
100% secure
A test site or a site that might get
5 visitors a day can be hacked.
It happened to me and it can happen to you.
Don’t Let
Security
Make you like
this guy!
There are some
simple steps to keep
the hackers out
WordPress Security
Basics 101
Never ever never use “admin” as
a username or “password” as
password. NEVER!!!!
Any questions?
Adm1n and Pa55w0rd do not count either!
Always use SFTP
“S” is for safe!!!
Only give users the
access they need
Just because they want to be an admin does not
mean they should.
Guest bloggers should rarely every be anything
more than a contributor.
If it is a temporary login, delete
the user when the job is done
If they do have posts, you can convert them to different
users or make them a subscriber with limited access.
Set up file detection
Many security plugins like iThemes Security and
WordFence will alert you when files have been changed
Only keep the theme you are
using and one backup theme on
your site.
The more themes that are on a site, the more open
chances you have to a vulnerability
Only keep the plugins you
have active on your site.
An uninstalled plugin is not a potential vulnerability.
Use the plugins repo favorites option to keep a list of
your favorite plugins
Security Plugins
iThemes Security (Free and Pro version
Securi Firewall
WordFence Security
Jetpack with Brute Protect and Vault Press
Always make backups!
Backup Buddy, UpDraftPlus, BackWPUp
Always save to someplace OTHER than your
server
Save them to Dropbox, AWS, email, or your
local machine
Have them scheduled to be made daily or at
least weekly
Malware Scanning? Do I
need it?
If you suspect an issue scan your site!
Google Webmaster Tools
VirusTotal
iThemes Security Pro
Sucuri Scanner
What else can I do to
protect my site?
Update!
Update!
Update!
Update core. Update themes update plugins!
The biggest reasons of updates is typically security or feature
related.
The biggest source of nearly all hacks is due to lack of updating.
If you use Envato products
(ThemeForest and CodeCanyon)
always check the box in the
downloads to be notified of updates.
That is the only way you will know if any of their products
need to be updated.
This is why the RevSlider infection was so widespread. Many
did not even know the plugin was built into their theme.
Don't ever let your
site get too lonely.
That is when the zombies come. 

Nobody wants the zombies to come
If the unthinkable happens and
you do get hacked, it is not the
end of the world.
It can and will be fixed.
Who can clean my
hacked website?
Well I can!
And so can Securi and HackRepair
Great! Are there any other
ways I can be secure?
Always use complex
passwords
Never email
passwords
Never use the same
password twice
Use a Password Keeper
Last Pass
One Password
KeePass
If a login has a Two-
Factor Authentication,
USE IT!
Anti-virus!
Use it on all the things.
Yes, even a Mac!
Be conscious when
using public WiFi
Use a VPN if you use
Public WiFi
Torguard
Site Social
Hide My Ass
Update!
Update!
Update!
No one wants to lose their information
stored on their computer.
Back everything up
and back it up often!
Bitcasa
Carobinte
External Harddrives
Questions?
Thank you!!!
Michele Butcher
CantSpeakGeek.com WPSecurityLock.com
@michele_butcher

More Related Content

What's hot

RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching VulnerabilitiesRailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
IMMUNIO
 
Secrets to a Hack-Proof Joomla Revealed
Secrets to a Hack-Proof Joomla RevealedSecrets to a Hack-Proof Joomla Revealed
Secrets to a Hack-Proof Joomla Revealed
SiteGround.com
 
8 Most Popular Joomla Hacks & How To Avoid Them
8 Most Popular Joomla Hacks & How To Avoid Them8 Most Popular Joomla Hacks & How To Avoid Them
8 Most Popular Joomla Hacks & How To Avoid Them
SiteGround.com
 
8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla
SiteGround.com
 
WordPress Plugins for Beginner Bloggers
WordPress Plugins for Beginner BloggersWordPress Plugins for Beginner Bloggers
WordPress Plugins for Beginner Bloggers
Eternal Spiral Books
 
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERSHOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
Elsner Technologies Pvt Ltd
 
Security 101
Security 101Security 101
Security 101
Michele Butcher-Jones
 
Building Secure WordPress Sites
Building Secure WordPress Sites Building Secure WordPress Sites
Building Secure WordPress Sites
Catch Themes
 
WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012
Angela Bowman
 
Improve WordPress Security How To
Improve WordPress Security How ToImprove WordPress Security How To
Improve WordPress Security How To
Vivekanand Arumanda
 
Security Isn't Scary and It's Not Rocket Science either.
Security Isn't Scary and It's Not Rocket Science either.Security Isn't Scary and It's Not Rocket Science either.
Security Isn't Scary and It's Not Rocket Science either.
Michele Butcher-Jones
 
How To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressHow To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your Wordpress
Chelsea O'Brien
 
State of Web Security RailsConf 2016
State of Web Security RailsConf 2016State of Web Security RailsConf 2016
State of Web Security RailsConf 2016
IMMUNIO
 
Joomladay Netherlands - Security
Joomladay Netherlands - SecurityJoomladay Netherlands - Security
Joomladay Netherlands - Security
Wilco Jansen
 
Bảo Mật Website WordPress
Bảo Mật Website WordPressBảo Mật Website WordPress
Bảo Mật Website WordPress
Lê Quốc Toàn
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?
Sucuri
 
The Enemy On The Web
The Enemy On The WebThe Enemy On The Web
The Enemy On The Web
Bishan Singh
 
Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri
 
Basics for Securing WordPress
Basics for Securing WordPressBasics for Securing WordPress
Basics for Securing WordPress
miss604
 
Ten Easy Steps to Hackproof Your WordPress Install (Blogging While Brown 2013)
Ten Easy Steps to Hackproof Your WordPress Install (Blogging While Brown 2013)Ten Easy Steps to Hackproof Your WordPress Install (Blogging While Brown 2013)
Ten Easy Steps to Hackproof Your WordPress Install (Blogging While Brown 2013)
brandbuildsell
 

What's hot (20)

RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching VulnerabilitiesRailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
 
Secrets to a Hack-Proof Joomla Revealed
Secrets to a Hack-Proof Joomla RevealedSecrets to a Hack-Proof Joomla Revealed
Secrets to a Hack-Proof Joomla Revealed
 
8 Most Popular Joomla Hacks & How To Avoid Them
8 Most Popular Joomla Hacks & How To Avoid Them8 Most Popular Joomla Hacks & How To Avoid Them
8 Most Popular Joomla Hacks & How To Avoid Them
 
8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla
 
WordPress Plugins for Beginner Bloggers
WordPress Plugins for Beginner BloggersWordPress Plugins for Beginner Bloggers
WordPress Plugins for Beginner Bloggers
 
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERSHOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
 
Security 101
Security 101Security 101
Security 101
 
Building Secure WordPress Sites
Building Secure WordPress Sites Building Secure WordPress Sites
Building Secure WordPress Sites
 
WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012
 
Improve WordPress Security How To
Improve WordPress Security How ToImprove WordPress Security How To
Improve WordPress Security How To
 
Security Isn't Scary and It's Not Rocket Science either.
Security Isn't Scary and It's Not Rocket Science either.Security Isn't Scary and It's Not Rocket Science either.
Security Isn't Scary and It's Not Rocket Science either.
 
How To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressHow To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your Wordpress
 
State of Web Security RailsConf 2016
State of Web Security RailsConf 2016State of Web Security RailsConf 2016
State of Web Security RailsConf 2016
 
Joomladay Netherlands - Security
Joomladay Netherlands - SecurityJoomladay Netherlands - Security
Joomladay Netherlands - Security
 
Bảo Mật Website WordPress
Bảo Mật Website WordPressBảo Mật Website WordPress
Bảo Mật Website WordPress
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?
 
The Enemy On The Web
The Enemy On The WebThe Enemy On The Web
The Enemy On The Web
 
Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best Performance
 
Basics for Securing WordPress
Basics for Securing WordPressBasics for Securing WordPress
Basics for Securing WordPress
 
Ten Easy Steps to Hackproof Your WordPress Install (Blogging While Brown 2013)
Ten Easy Steps to Hackproof Your WordPress Install (Blogging While Brown 2013)Ten Easy Steps to Hackproof Your WordPress Install (Blogging While Brown 2013)
Ten Easy Steps to Hackproof Your WordPress Install (Blogging While Brown 2013)
 

Viewers also liked

Positive interventions
Positive interventionsPositive interventions
Positive interventions
Steven E. Hudson
 
Presentation1
Presentation1Presentation1
Presentation1
Behraam101
 
Aashna Patodia
Aashna PatodiaAashna Patodia
Aashna Patodia
Aashna Patodia
 
Pass 4 Venice
Pass 4 VenicePass 4 Venice
Pass 4 Venice
pass4venice
 
Master of Business Economics_Certificate
Master of Business Economics_CertificateMaster of Business Economics_Certificate
Master of Business Economics_CertificateM. Aftab Akbar Dogar
 
Anoop Kumar M S_CV
Anoop Kumar M S_CVAnoop Kumar M S_CV
Anoop Kumar M S_CV
Anoop Kumar M S
 
Pressupost d'Afers Exteriors - GenCat 2015
Pressupost d'Afers Exteriors - GenCat 2015Pressupost d'Afers Exteriors - GenCat 2015
Pressupost d'Afers Exteriors - GenCat 2015
Miqui Mel
 
powertools
powertoolspowertools
Richard Beckman Une Vicepresidente De Medios De Comunicacion
Richard Beckman Une Vicepresidente De Medios De ComunicacionRichard Beckman Une Vicepresidente De Medios De Comunicacion
Richard Beckman Une Vicepresidente De Medios De Comunicacion
vonda9fowler3
 
RESUME_Subhadeep
RESUME_SubhadeepRESUME_Subhadeep
RESUME_Subhadeep
SUBHADEEP CHAKRABORTY
 
Instrumentos apoio combate_discriminaçao act
Instrumentos apoio combate_discriminaçao actInstrumentos apoio combate_discriminaçao act
Instrumentos apoio combate_discriminaçao act
celsosimoesmendes
 
Faites connaissance avec
Faites connaissance avecFaites connaissance avec
Faites connaissance avec
Anastasia Red'ko
 
Case studies in oa profit versus mission - simon inger - berlin may 2015 - ...
Case studies in oa   profit versus mission - simon inger - berlin may 2015 - ...Case studies in oa   profit versus mission - simon inger - berlin may 2015 - ...
Case studies in oa profit versus mission - simon inger - berlin may 2015 - ...
Simon Inger
 
Standard IT practices and Adapting change in the Standard Practices
Standard IT practices and Adapting change in the Standard  PracticesStandard IT practices and Adapting change in the Standard  Practices
Standard IT practices and Adapting change in the Standard Practices
nirmal chhetri
 
Integrated Township
Integrated TownshipIntegrated Township
Integrated Township
CreativeArchitectInteriors
 
Робототехника для прикладных программистов
Робототехника для прикладных программистовРобототехника для прикладных программистов
Робототехника для прикладных программистов
DotNetConf
 
Get well soon
Get well soonGet well soon
Get well soon
Jayakrishnan kichu
 

Viewers also liked (18)

Positive interventions
Positive interventionsPositive interventions
Positive interventions
 
Presentation1
Presentation1Presentation1
Presentation1
 
Aashna Patodia
Aashna PatodiaAashna Patodia
Aashna Patodia
 
Pass 4 Venice
Pass 4 VenicePass 4 Venice
Pass 4 Venice
 
Master of Business Economics_Certificate
Master of Business Economics_CertificateMaster of Business Economics_Certificate
Master of Business Economics_Certificate
 
Anoop Kumar M S_CV
Anoop Kumar M S_CVAnoop Kumar M S_CV
Anoop Kumar M S_CV
 
Pressupost d'Afers Exteriors - GenCat 2015
Pressupost d'Afers Exteriors - GenCat 2015Pressupost d'Afers Exteriors - GenCat 2015
Pressupost d'Afers Exteriors - GenCat 2015
 
powertools
powertoolspowertools
powertools
 
Chave
ChaveChave
Chave
 
Richard Beckman Une Vicepresidente De Medios De Comunicacion
Richard Beckman Une Vicepresidente De Medios De ComunicacionRichard Beckman Une Vicepresidente De Medios De Comunicacion
Richard Beckman Une Vicepresidente De Medios De Comunicacion
 
RESUME_Subhadeep
RESUME_SubhadeepRESUME_Subhadeep
RESUME_Subhadeep
 
Instrumentos apoio combate_discriminaçao act
Instrumentos apoio combate_discriminaçao actInstrumentos apoio combate_discriminaçao act
Instrumentos apoio combate_discriminaçao act
 
Faites connaissance avec
Faites connaissance avecFaites connaissance avec
Faites connaissance avec
 
Case studies in oa profit versus mission - simon inger - berlin may 2015 - ...
Case studies in oa   profit versus mission - simon inger - berlin may 2015 - ...Case studies in oa   profit versus mission - simon inger - berlin may 2015 - ...
Case studies in oa profit versus mission - simon inger - berlin may 2015 - ...
 
Standard IT practices and Adapting change in the Standard Practices
Standard IT practices and Adapting change in the Standard  PracticesStandard IT practices and Adapting change in the Standard  Practices
Standard IT practices and Adapting change in the Standard Practices
 
Integrated Township
Integrated TownshipIntegrated Township
Integrated Township
 
Робототехника для прикладных программистов
Робототехника для прикладных программистовРобототехника для прикладных программистов
Робототехника для прикладных программистов
 
Get well soon
Get well soonGet well soon
Get well soon
 

Similar to Beginning WordPress Security WordCamp North Canton 2015

I Have My WordPress Site Now What?
I Have My WordPress Site Now What?I Have My WordPress Site Now What?
I Have My WordPress Site Now What?
Michele Butcher-Jones
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
StuartJDavidson.com
 
Word press security 101
Word press security 101  Word press security 101
Word press security 101
Kojac801
 
A Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdfA Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdf
Host It Smart
 
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITERUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
Acodez IT Solutions
 
Security, more important than ever!
Security, more important than ever!Security, more important than ever!
Security, more important than ever!
Marko Heijnen
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
Dre Armeda
 
WordPress Site Management - Keeping Your Creation Happy, Healthy and Secure
WordPress Site Management - Keeping Your Creation Happy, Healthy and SecureWordPress Site Management - Keeping Your Creation Happy, Healthy and Secure
WordPress Site Management - Keeping Your Creation Happy, Healthy and Secure
Meagan Hanes
 
WordPress security
WordPress securityWordPress security
WordPress security
Shelley Magnezi
 
Internet security
Internet securityInternet security
Internet security
rfukunaga
 
So i have a website now what?
So i have a website now what?So i have a website now what?
So i have a website now what?
Michele Butcher-Jones
 
Higher Order WordPress Security
Higher Order WordPress SecurityHigher Order WordPress Security
Higher Order WordPress Security
Dougal Campbell
 
Locking Down Your WordPress Site
Locking Down Your WordPress SiteLocking Down Your WordPress Site
Locking Down Your WordPress Site
Frank Corso
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
SiteGround.com
 
WordPress Security Essential Tips & Tricks
WordPress Security Essential Tips & TricksWordPress Security Essential Tips & Tricks
WordPress Security Essential Tips & Tricks
Faraz Ahmed
 
Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17
Nicholas Batik
 
Types of Security Threats WordPress Websites Face: Part-1
Types of Security Threats WordPress Websites Face: Part-1Types of Security Threats WordPress Websites Face: Part-1
Types of Security Threats WordPress Websites Face: Part-1
WPWhiteBoard
 
Securing Your Joomla website
Securing Your Joomla websiteSecuring Your Joomla website
Securing Your Joomla website
Mike Carson
 
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Michele Butcher-Jones
 
Website security
Website securityWebsite security
Website security
Akhilesh Kant
 

Similar to Beginning WordPress Security WordCamp North Canton 2015 (20)

I Have My WordPress Site Now What?
I Have My WordPress Site Now What?I Have My WordPress Site Now What?
I Have My WordPress Site Now What?
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
 
Word press security 101
Word press security 101  Word press security 101
Word press security 101
 
A Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdfA Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdf
 
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITERUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
 
Security, more important than ever!
Security, more important than ever!Security, more important than ever!
Security, more important than ever!
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
 
WordPress Site Management - Keeping Your Creation Happy, Healthy and Secure
WordPress Site Management - Keeping Your Creation Happy, Healthy and SecureWordPress Site Management - Keeping Your Creation Happy, Healthy and Secure
WordPress Site Management - Keeping Your Creation Happy, Healthy and Secure
 
WordPress security
WordPress securityWordPress security
WordPress security
 
Internet security
Internet securityInternet security
Internet security
 
So i have a website now what?
So i have a website now what?So i have a website now what?
So i have a website now what?
 
Higher Order WordPress Security
Higher Order WordPress SecurityHigher Order WordPress Security
Higher Order WordPress Security
 
Locking Down Your WordPress Site
Locking Down Your WordPress SiteLocking Down Your WordPress Site
Locking Down Your WordPress Site
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
 
WordPress Security Essential Tips & Tricks
WordPress Security Essential Tips & TricksWordPress Security Essential Tips & Tricks
WordPress Security Essential Tips & Tricks
 
Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17
 
Types of Security Threats WordPress Websites Face: Part-1
Types of Security Threats WordPress Websites Face: Part-1Types of Security Threats WordPress Websites Face: Part-1
Types of Security Threats WordPress Websites Face: Part-1
 
Securing Your Joomla website
Securing Your Joomla websiteSecuring Your Joomla website
Securing Your Joomla website
 
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
 
Website security
Website securityWebsite security
Website security
 

More from Michele Butcher-Jones

Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Michele Butcher-Jones
 
The Importance of Maintenance
The Importance of MaintenanceThe Importance of Maintenance
The Importance of Maintenance
Michele Butcher-Jones
 
Elevating Customer Experiences
Elevating Customer ExperiencesElevating Customer Experiences
Elevating Customer Experiences
Michele Butcher-Jones
 
You Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health CheckYou Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health Check
Michele Butcher-Jones
 
WordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer ExperienceWordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer Experience
Michele Butcher-Jones
 
Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...
Michele Butcher-Jones
 
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Michele Butcher-Jones
 
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress SiteWhat To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
Michele Butcher-Jones
 
The Five Star Customer Experience
The Five Star Customer ExperienceThe Five Star Customer Experience
The Five Star Customer Experience
Michele Butcher-Jones
 
Taming the Demons in the Closet
Taming the Demons in the ClosetTaming the Demons in the Closet
Taming the Demons in the Closet
Michele Butcher-Jones
 
My website is live now what?
My website is live now what?My website is live now what?
My website is live now what?
Michele Butcher-Jones
 
WordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without CodingWordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without Coding
Michele Butcher-Jones
 
Contributing to WordPress without Coding
Contributing to WordPress without CodingContributing to WordPress without Coding
Contributing to WordPress without Coding
Michele Butcher-Jones
 
The Five Star Customer Service Experience
The Five Star Customer Service ExperienceThe Five Star Customer Service Experience
The Five Star Customer Service Experience
Michele Butcher-Jones
 
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Michele Butcher-Jones
 
Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016
Michele Butcher-Jones
 
Jetpack All The Things
Jetpack All The ThingsJetpack All The Things
Jetpack All The Things
Michele Butcher-Jones
 
WordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALCWordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALC
Michele Butcher-Jones
 
Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015
Michele Butcher-Jones
 
Beginners WordPress JALC Lesson 2
Beginners WordPress JALC Lesson 2Beginners WordPress JALC Lesson 2
Beginners WordPress JALC Lesson 2
Michele Butcher-Jones
 

More from Michele Butcher-Jones (20)

Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
 
The Importance of Maintenance
The Importance of MaintenanceThe Importance of Maintenance
The Importance of Maintenance
 
Elevating Customer Experiences
Elevating Customer ExperiencesElevating Customer Experiences
Elevating Customer Experiences
 
You Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health CheckYou Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health Check
 
WordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer ExperienceWordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer Experience
 
Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...
 
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
 
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress SiteWhat To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
 
The Five Star Customer Experience
The Five Star Customer ExperienceThe Five Star Customer Experience
The Five Star Customer Experience
 
Taming the Demons in the Closet
Taming the Demons in the ClosetTaming the Demons in the Closet
Taming the Demons in the Closet
 
My website is live now what?
My website is live now what?My website is live now what?
My website is live now what?
 
WordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without CodingWordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without Coding
 
Contributing to WordPress without Coding
Contributing to WordPress without CodingContributing to WordPress without Coding
Contributing to WordPress without Coding
 
The Five Star Customer Service Experience
The Five Star Customer Service ExperienceThe Five Star Customer Service Experience
The Five Star Customer Service Experience
 
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
 
Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016
 
Jetpack All The Things
Jetpack All The ThingsJetpack All The Things
Jetpack All The Things
 
WordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALCWordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALC
 
Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015
 
Beginners WordPress JALC Lesson 2
Beginners WordPress JALC Lesson 2Beginners WordPress JALC Lesson 2
Beginners WordPress JALC Lesson 2
 

Recently uploaded

Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
Laura Szabó
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
zoowe
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
uehowe
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
davidjhones387
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
cuobya
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
cuobya
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
Understanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdfUnderstanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdf
SEO Article Boost
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
Trending Blogers
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
wolfsoftcompanyco
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
hackersuli
 
Design Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptxDesign Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptx
saathvikreddy2003
 
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
zyfovom
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
vmemo1
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
Toptal Tech
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
cuobya
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
uehowe
 
Azure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdfAzure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdf
AanSulistiyo
 

Recently uploaded (20)

Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
Understanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdfUnderstanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdf
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
 
Design Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptxDesign Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptx
 
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
 
Azure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdfAzure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdf
 

Beginning WordPress Security WordCamp North Canton 2015

  • 1. Beginners Security WordCamp North Canton Michele Butcher
 CantSpeakGeek.com WPSecurityLock.com
 @michele_butcher
  • 2. Michele Butcher WordPress Specialist, Site Cleaner, and Trainer for WP Security Lock WordPress Evangelist for InMotion Hosting Geek behind Can’t Speak Geek Beginners and Intermediate WordPress Instructor
  • 4. Many do not think security is important until it is too late. Every single day hackers find new ways to get your information. Todays features are tomorrow’s vulnerabilities. Stop them before they stop you
  • 5. Why do hackers hack? Make bank build a zombie army Share their nasty code with the world Get your information They are bored They want to see if they can do it
  • 6. But…Why are they hacking me? There is rarely ever a targeted hacking attack. Typically all sites are considered targets. The big and the small.
  • 7. And how do they get in? They guess your login information Denial of Service Attack (DDoS) Through a file in a theme, plugin, or anything on your server where they found an exploit Through your FTP and/or cPanel configuration
  • 8. Here is the only scary thing I will say in this talk
  • 10. A test site or a site that might get 5 visitors a day can be hacked. It happened to me and it can happen to you.
  • 12. There are some simple steps to keep the hackers out
  • 14. Never ever never use “admin” as a username or “password” as password. NEVER!!!! Any questions? Adm1n and Pa55w0rd do not count either!
  • 15. Always use SFTP “S” is for safe!!!
  • 16. Only give users the access they need Just because they want to be an admin does not mean they should. Guest bloggers should rarely every be anything more than a contributor.
  • 17. If it is a temporary login, delete the user when the job is done If they do have posts, you can convert them to different users or make them a subscriber with limited access.
  • 18. Set up file detection Many security plugins like iThemes Security and WordFence will alert you when files have been changed
  • 19. Only keep the theme you are using and one backup theme on your site. The more themes that are on a site, the more open chances you have to a vulnerability
  • 20. Only keep the plugins you have active on your site. An uninstalled plugin is not a potential vulnerability. Use the plugins repo favorites option to keep a list of your favorite plugins
  • 21. Security Plugins iThemes Security (Free and Pro version Securi Firewall WordFence Security Jetpack with Brute Protect and Vault Press
  • 22. Always make backups! Backup Buddy, UpDraftPlus, BackWPUp Always save to someplace OTHER than your server Save them to Dropbox, AWS, email, or your local machine Have them scheduled to be made daily or at least weekly
  • 23. Malware Scanning? Do I need it? If you suspect an issue scan your site! Google Webmaster Tools VirusTotal iThemes Security Pro Sucuri Scanner
  • 24. What else can I do to protect my site?
  • 25. Update! Update! Update! Update core. Update themes update plugins! The biggest reasons of updates is typically security or feature related. The biggest source of nearly all hacks is due to lack of updating.
  • 26. If you use Envato products (ThemeForest and CodeCanyon) always check the box in the downloads to be notified of updates. That is the only way you will know if any of their products need to be updated. This is why the RevSlider infection was so widespread. Many did not even know the plugin was built into their theme.
  • 27. Don't ever let your site get too lonely. That is when the zombies come. 
 Nobody wants the zombies to come
  • 28. If the unthinkable happens and you do get hacked, it is not the end of the world. It can and will be fixed.
  • 29. Who can clean my hacked website? Well I can! And so can Securi and HackRepair
  • 30. Great! Are there any other ways I can be secure?
  • 33. Never use the same password twice
  • 34. Use a Password Keeper Last Pass One Password KeePass
  • 35. If a login has a Two- Factor Authentication, USE IT!
  • 36. Anti-virus! Use it on all the things. Yes, even a Mac!
  • 37. Be conscious when using public WiFi
  • 38. Use a VPN if you use Public WiFi Torguard Site Social Hide My Ass
  • 40. No one wants to lose their information stored on their computer. Back everything up and back it up often! Bitcasa Carobinte External Harddrives
  • 42. Thank you!!! Michele Butcher CantSpeakGeek.com WPSecurityLock.com @michele_butcher