What do you do when you need to fix your WordPress website and there's no developer around to help? Here are the tools you need, the steps to take, and how to call in the cavalry.
23. “But what would a hacker want with my site?”
Photo Credits:
Bitcoin Image courtesy Andre Francois via unsplash.com
Bot image courtesy Alex Knight via unsplash.com
Spam Wall via Flickr user freezelight, via Creative Commons License
24. And now… statistics!
Small business websites are attacked on average 58 times per day
Source: SiteLock Security
70% of WordPress sites have an exploitable vulnerability
Source: Sucuri
36. Try the easy stuff first.
• Migrating the site? Check the database for references to the development URL. (phpMyAdmin or a DB search-and-replace plugin)
• Updating plugins/themes? Disable the ones you just updated.
• Editing a file? Check your syntax, or undo your change.
• Caching plugin? Try dumping cache.
53. Hardening WordPress
• Move wp-config.php to one level above the web root and chmod 600
• Use .htaccess to deny access to files in the install directory and in the /wp-includes/ and /wp-content/ directories
• Use a plugin to move the location of the login and wp-admin pages
• Make sure all users have nicknames set and no actual usernames are displayed on the site
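
One way to verify the first hardening step above, as an added example that is not from the original slides: a POSIX shell function that checks wp-config.php has been moved one level above the web root and is mode 600. The function names, the return codes and the web-root path you pass in are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit the wp-config.php hardening step.
# Usage: audit_wp_config /path/to/webroot
# Return codes (chosen for this example):
#   0 = wp-config.php is one level above the web root with mode 600
#   1 = wp-config.php is still inside the web root
#   2 = wp-config.php not found in either location
#   3 = found above the web root, but mode is not 600

file_mode() {
    # GNU stat takes -c, BSD/macOS stat takes -f; try both.
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

audit_wp_config() {
    webroot=${1%/}                  # strip a trailing slash
    parent=$(dirname "$webroot")    # "one level above web root"

    if [ -f "$webroot/wp-config.php" ]; then
        echo "FAIL: wp-config.php is inside the web root ($webroot)"
        return 1
    fi
    if [ ! -f "$parent/wp-config.php" ]; then
        echo "FAIL: no wp-config.php in $webroot or $parent"
        return 2
    fi

    mode=$(file_mode "$parent/wp-config.php")
    if [ "$mode" != "600" ]; then
        echo "FAIL: $parent/wp-config.php has mode $mode, expected 600"
        return 3
    fi

    echo "OK: $parent/wp-config.php is outside the web root, mode 600"
    return 0
}
```

Source the file and run `audit_wp_config` against the site's document root after a migration or restore, since both commonly put wp-config.php back in the web root with default permissions.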
54. Two-Factor Authentication
1. Decide on your second factor: Google, Yubikey, Authy, SMS, phone call, or user’s choice?
2. Pick the 2FA plugin that supports it
3. Install it
56. Key Features
• Regular, automatic backups (you should still do your own)
• One-click staging sites
• Automatic WordPress core updates
• Let’s Encrypt SSL support included
• BONUS: Automated migration tools
62. Solution: Start Testing Now
• Install the Gutenberg plugin on a staging site and start checking posts and pages
• Pay particular attention to any plugins that augment the native editor; they may break
• Install the Classic Editor plugin to be sure you’re covered while you work on a migration plan
63. Solution: Start Testing on PHP 7
• Plugin: PHP Compatibility Checker
• Update your staging site’s PHP version, if possible
• Or, set up a local staging environment to test