This document discusses the importance of website security and provides tips for keeping a WordPress site secure. It notes that hackers are constantly finding new ways to steal information. While there is no 100% secure site, some simple steps can help prevent hackers, like using strong, unique passwords, updating software regularly, and installing security plugins. It also recommends backing up the site frequently to external storage in case a hack does occur. The overall message is that basic security measures are important for all sites, regardless of size, as even small sites can be targets.
The recent spike of hack attempts on various Joomla sites has made it more urgent than ever to take actions and secure your Joomla in the best possible way. In this webinar the SiteGround Joomla Performance Guru Daniel Kanchev shows the best practices and shares insightful tricks how to protect your Joomla from getting hacked:
- Joomla administrator security settings
- Bullet-proof password tips
- Vulnerable extensions to avoid
- Web application firewall configurations
- Recommended server settings
- Intrusion detection and protection tools
- Disaster recovery plans
8 Most Popular Joomla Hacks & How To Avoid ThemSiteGround.com
Slides from a SiteGround webinar by SiteGround Joomla Performance Guru, Daniel Kanchev. He reveals the 8 most common ways a Joomla website can get hacked and what you can do to protect yourself from each of those hacks.
Outdated Extensions & Themes
Vulnerable Extensions & Themes
Stolen or Weak Login Details
Outdated / Vulnerable Server Software
Incorrectly Configured Web Server
Vulnerable Joomla on a Host Server
Incorrect Joomla Permissions
Local PC Malware
The recent spike of hack attempts on various Joomla sites has made it more urgent than ever to take actions and secure your Joomla in the best possible way. In this webinar the SiteGround Joomla Performance Guru Daniel Kanchev shows the best practices and shares insightful tricks how to protect your Joomla from getting hacked:
- Joomla administrator security settings
- Bullet-proof password tips
- Vulnerable extensions to avoid
- Web application firewall configurations
- Recommended server settings
- Intrusion detection and protection tools
- Disaster recovery plans
8 Most Popular Joomla Hacks & How To Avoid ThemSiteGround.com
Slides from a SiteGround webinar by SiteGround Joomla Performance Guru, Daniel Kanchev. He reveals the 8 most common ways a Joomla website can get hacked and what you can do to protect yourself from each of those hacks.
Outdated Extensions & Themes
Vulnerable Extensions & Themes
Stolen or Weak Login Details
Outdated / Vulnerable Server Software
Incorrectly Configured Web Server
Vulnerable Joomla on a Host Server
Incorrect Joomla Permissions
Local PC Malware
Talk on Securing WordPress site at WordCamp Nepal 2012. I will be covering Top 10 Myths That We Live By and Building Secure WordPress Sites in Simple 10 Steps. Watch Video at http://wordpress.tv/2013/02/26/sakin-shrestha-building-secure-wordpress-sites/
GoSec 2015 - Protecting the web from withinIMMUNIO
The web has become a part of our lives. We bank online, we shop online, we talk online, we even pay our taxes online. It's made our lives very convenient, but all that data makes a tempting target for hackers. Learn about some recent attacks on popular web frameworks and dig in to why they were effective. Learn how these advanced attacks can be detected, and how they can be stopped by applications which learn to protect themselves.
Rails comes with many powerful security protections out of the box, but no code is perfect. This talk will highlight a new approach to web app security, one focusing on a higher level of abstraction than current techniques. We will take a look at current security processes and tools and some common vulnerabilities still found in many Rails apps. Then we will investigate novel ways to protect against these vulnerabilities.
Are you a developer who works with PHP? Then this webinar was made for you.
Even though PHP is a simple and practical language, it is easy to make code with the help of unorthodox solutions, also known as "kludges", that can endanger your website.
In this webinar, Jean will explore some examples of PHP coding done incorrectly. Jean will also show you how badly written code is an invitation for hackers to exploit a website.
There have been some active moves to compromise sites developed in WordPress. These moves by some people have created a fear in WordPress users and making them think about security of WordPress. So in this presentation, Mr. Koirala is trying to convince users that WordPress is secure enough if we deploy it properly.
Common sense, simple security for WordPress. Many presentations have lots of complicated .htaccess tricks, moving/hiding files, etc. However, if people are overwhelmed with details, they tend to not do anything. If I were to summarize what you MUST do for security, I'd say:
1 - BACKUP - find a backup tool and use it. Subscribe to VaultPress.com or host your site with WPEngine.com or purchase BackupBuddy plugin and schedule regular backups. If you're short on cash, use BackWPUp plugin and download your wp-content folder.
2 - UPDATE - All plugins, themes, and WordPress at least once a month or whenever there is a security update. Sign up for an account at WordPress.org, so you'll get notices of WordPress security updates.
3 - DELETE -- All unused plugins and themes. These are your biggest security risks. Delete all unused copies of WordPress you might have installed on your server.
4 - BE CAUTIOUS - Don't use plugins willy nilly. Do some research. They are not all made the same, and they will leave you vulnerable to hacking.
5 - PASSWORDS -- Use strong, randomly generated passwords, all different, for everything - your hosting, ftp, WP login, and email. Use 1Password.com to track your passwords easily and securely.
6 - SECURITY PLUGINS -- Run Firewall 2 and Limit Login Attempts. There are others, but I don't know how well they play with others and what things they modify. You can check out Bulletproof Security and Better WP Security.
7 - BEST PRACTICES - See the slideshow for some other best practices regarding users, comments, etc.
If you just do the above 6 things systematically, you'll be far ahead of your peers! Good luck!
Identifying a Compromised WordPress SiteChris Burgess
This talk was originally delivered at the Melbourne WordPress Developer Meetup in July 2016. Rather than the common talks on hardening and prevention, this presentation covered how you can identify a WordPress website is compromised, and some of the early warning signs.
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri
TIP: Make sure you scroll to the last slide to view the video recording
On April 26th, 2017 at 11am PST, Caleb Lane - Firewall Analyst, presented this webinar.
Attention spans are getting shorter, and search engines are favoring websites with faster loading times and lower bounce rates. By optimizing your website performance, you can rank higher in search results, increase and retain your traffic and create an optimal user experience.
This webinar covered basic principles of website performance and teaches website owners:
- What two main metrics you should be focused on when optimizing your website.
- Which steps you can take to effectively optimize your website performance.
- How to utilize the recommended tools and solutions to accomplish these tasks.
How to Secure your WordPress Website - WordCamp UK 2014Primary Image Ltd
Here’s the slides from my talk on how to secure your WordPress website, which I gave at the WordCamp UK 2014 conference in Bournemouth on 12th July. I shared some security best practices and a few practical tips you can use to help harden your WordPress installation.
See the notes at: http://www.primaryimage.com/2014/07/secure-your-wordpress-website/
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...Otto Kekäläinen
Extended edition of presentation about "WordPress security: what is important and what is not" held at WordCamp Finland, April 15th 2016 by Otto Kekäläinen (from WP-palvelu.fi / Seravo.fi)
A wild ride through the dizzying highs and terrifying lows of web security in 2015. Take a look at some major breaches of the year, including some free beer!
We’ll look at how attack trends have changed over the past year and new ways websites are being compromised. We’ve pulled together data from all the sites we protect to show you insights on types and patterns of attacks, and sophistication and origin of the attackers.
After the bad, we’ll look at the good - new technologies like RASP are helping secure the web.
Talk on Securing WordPress site at WordCamp Nepal 2012. I will be covering Top 10 Myths That We Live By and Building Secure WordPress Sites in Simple 10 Steps. Watch Video at http://wordpress.tv/2013/02/26/sakin-shrestha-building-secure-wordpress-sites/
GoSec 2015 - Protecting the web from withinIMMUNIO
The web has become a part of our lives. We bank online, we shop online, we talk online, we even pay our taxes online. It's made our lives very convenient, but all that data makes a tempting target for hackers. Learn about some recent attacks on popular web frameworks and dig in to why they were effective. Learn how these advanced attacks can be detected, and how they can be stopped by applications which learn to protect themselves.
Rails comes with many powerful security protections out of the box, but no code is perfect. This talk will highlight a new approach to web app security, one focusing on a higher level of abstraction than current techniques. We will take a look at current security processes and tools and some common vulnerabilities still found in many Rails apps. Then we will investigate novel ways to protect against these vulnerabilities.
Are you a developer who works with PHP? Then this webinar was made for you.
Even though PHP is a simple and practical language, it is easy to make code with the help of unorthodox solutions, also known as "kludges", that can endanger your website.
In this webinar, Jean will explore some examples of PHP coding done incorrectly. Jean will also show you how badly written code is an invitation for hackers to exploit a website.
There have been some active moves to compromise sites developed in WordPress. These moves by some people have created a fear in WordPress users and making them think about security of WordPress. So in this presentation, Mr. Koirala is trying to convince users that WordPress is secure enough if we deploy it properly.
Common sense, simple security for WordPress. Many presentations have lots of complicated .htaccess tricks, moving/hiding files, etc. However, if people are overwhelmed with details, they tend to not do anything. If I were to summarize what you MUST do for security, I'd say:
1 - BACKUP - find a backup tool and use it. Subscribe to VaultPress.com or host your site with WPEngine.com or purchase BackupBuddy plugin and schedule regular backups. If you're short on cash, use BackWPUp plugin and download your wp-content folder.
2 - UPDATE - All plugins, themes, and WordPress at least once a month or whenever there is a security update. Sign up for an account at WordPress.org, so you'll get notices of WordPress security updates.
3 - DELETE -- All unused plugins and themes. These are your biggest security risks. Delete all unused copies of WordPress you might have installed on your server.
4 - BE CAUTIOUS - Don't use plugins willy nilly. Do some research. They are not all made the same, and they will leave you vulnerable to hacking.
5 - PASSWORDS -- Use strong, randomly generated passwords, all different, for everything - your hosting, ftp, WP login, and email. Use 1Password.com to track your passwords easily and securely.
6 - SECURITY PLUGINS -- Run Firewall 2 and Limit Login Attempts. There are others, but I don't know how well they play with others and what things they modify. You can check out Bulletproof Security and Better WP Security.
7 - BEST PRACTICES - See the slideshow for some other best practices regarding users, comments, etc.
If you just do the above 6 things systematically, you'll be far ahead of your peers! Good luck!
Identifying a Compromised WordPress SiteChris Burgess
This talk was originally delivered at the Melbourne WordPress Developer Meetup in July 2016. Rather than the common talks on hardening and prevention, this presentation covered how you can identify a WordPress website is compromised, and some of the early warning signs.
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri
TIP: Make sure you scroll to the last slide to view the video recording
On April 26th, 2017 at 11am PST, Caleb Lane - Firewall Analyst, presented this webinar.
Attention spans are getting shorter, and search engines are favoring websites with faster loading times and lower bounce rates. By optimizing your website performance, you can rank higher in search results, increase and retain your traffic and create an optimal user experience.
This webinar covered basic principles of website performance and teaches website owners:
- What two main metrics you should be focused on when optimizing your website.
- Which steps you can take to effectively optimize your website performance.
- How to utilize the recommended tools and solutions to accomplish these tasks.
How to Secure your WordPress Website - WordCamp UK 2014Primary Image Ltd
Here’s the slides from my talk on how to secure your WordPress website, which I gave at the WordCamp UK 2014 conference in Bournemouth on 12th July. I shared some security best practices and a few practical tips you can use to help harden your WordPress installation.
See the notes at: http://www.primaryimage.com/2014/07/secure-your-wordpress-website/
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...Otto Kekäläinen
Extended edition of presentation about "WordPress security: what is important and what is not" held at WordCamp Finland, April 15th 2016 by Otto Kekäläinen (from WP-palvelu.fi / Seravo.fi)
A wild ride through the dizzying highs and terrifying lows of web security in 2015. Take a look at some major breaches of the year, including some free beer!
We’ll look at how attack trends have changed over the past year and new ways websites are being compromised. We’ve pulled together data from all the sites we protect to show you insights on types and patterns of attacks, and sophistication and origin of the attackers.
After the bad, we’ll look at the good - new technologies like RASP are helping secure the web.
Protect Your WordPress From The Inside OutSiteGround.com
The recent spike of hack attempts on various WordPress sites has made it more urgent than ever to take actions and secure your WordPress in the best possible way. In this webinar the WebDevStudios founders show the best practices and share insightful tricks how to protect your WordPress from getting hacked:
- WordPress Security Threats & Trends
- WordPress Admin Security Settings
- Securing Files, Folders & Databases
- Bullet Proof Passwords
- Vulnerable WordPress Extensions
- Recommended Plugins & Services
Understanding word press security wwc-4-7-17Nicholas Batik
WordPress is a powerful tool for presenting your information on the web, but with great power comes great responsibility – and great targets for people intending various criminal intent. This presentation illustrates some of the risks and ways to mitigate them.
Website security is serious business. Knowing how to maximise your WordPress security can be the difference in losing your business or ruining your reputation. The rise in compromised websites has (and in my opinion will always) increase due to the nature of the Internet’s popularity and the demand from consumerism.
A Guide To Secure WordPress Website – A Complete Guide.pdfHost It Smart
Find out the comprehensive guide of best tricks to secure your WordPress website & create a strong wall of security for protection. Let’s Secure it today!
Thoughts on Defensive Development for SitecorePINT Inc
Presentation given by Thomas Powell (tpowell@pint.com) and Joe Lima (jlima@port80software.com) - 2-15-2012 covering WebAppSec issues with an emphasis on concerns with the Sitecore CMS platform.
Sorry for any small quirks in slideshare conversion.
What do you do when you need to fix your WordPress website and there's no developer around to help? Here are the tools you need, the steps to take, and how to call in the cavalry.
Presentation to YYC Bloggers Meetup on Plugins and Securing WordPress.
Geared to the beginner/average user. A presentation and discussion about the basic steps to better manage your WordPress site/blog.
This was presented at the March 16th, 2016 WordPress Meetup in Hamilton and describes WordPress Security and best practices that should be taken to protect any WordPress website against hackers whom target WordPress websites and impact your Google reputation and online presence.
Blog World 2010 - How to Keep Your Blog from Being HackedBrian Layman
This presentation was given in Las Vegas at BlogWorld 2010 by Brian Layman. It describes techniques that can be used to keep your WordPress website safe.
WordPress Cobb (Metro Atlanta) Users Group - May 11, 2021
How to elevate the customer experience every single time with easy steps that starts with the owner of the company down to greeting the customer.
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...Michele Butcher-Jones
A successful team starts with a valued group of individuals, held accountable for their decisions, and trust that they will own their position in the company. Micromanaging is a thing of the past and we will discuss ways of building a thriving department. Some of the topics will include effective training for new hires, setting the correct tone for success, effective mentorship in place of leadership, and much more. A valued team that is given proper training, the tools to do their job to the best of their ability, and the responsibility to make it their own will provide less turnover and a better work environment.
What To Do Post-Launch: How To Care For Your Brand New WordPress SiteMichele Butcher-Jones
What happens the morning after your website goes live? We will talk about everything you need to know to grow your website. Topics include backups, SEO, security, content creation, blogging, tips to get people to your site, and more.
Mental Health concerns are a big issue with people working remotely. Michele Jones goes through ways to help combat depression and anxiety while working remotely.
There is so much one can do to contribute to the WordPress project without writing a single line of code. This presentations covers all contributing opportunities within the WordPress Community.
People who work remotely have a high chance of dealing with mental illness at some time in their career. We talk about all the demons in the closet and what we can do for ourselves and the WordPress Community
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
4. Many do not think
security is important until
it is too late.
Every single day hackers find new ways to get your information.
Todays features are tomorrow’s vulnerabilities.
Stop them before they stop you
5. • Make bank
• build a zombie army
• Share their nasty code
with the world
• Get your information
• They are bored
• They want to see if
they can do it
Why do hackers hack?
6. But…Why are they
hacking me?
There is rarely ever a targeted hacking attack.
Typically all sites are considered targets. The big and the small.
7. • They guess your login information
• Denial of Service Attack (DDoS)
• Through a file in a theme, plugin, or anything on
your server where they found an exploit
• Through your FTP and/or cPanel configuration
And how do they get in?
8. Here is the only scary
thing I will say in this talk
16. Only give users the
access they need
Just because they want to be an admin does not mean they should.
Guest bloggers should rarely every be anything more than a
contributor.
17. If it is a temporary login, delete
the user when the job is done
If they do have posts, you can convert them to different users
or make them a subscriber with limited access.
18. Set up file detection
Many security plugins like iThemes Security and
WordFence will alert you when files have been changed
19. Only keep the theme you
are using and one backup
theme on your site.
The more themes that are on a site, the more open
chances you have to a vulnerability
20. Only keep the plugins you
have active on your site.
An uninstalled plugin is not a potential vulnerability.
Use the plugins repo favorites option to keep a list
of your favorite plugins
21. • iThemes Security (Free and Pro version
• Sucuri Firewall
• WordFence Security
• Jetpack with Brute Protect and Vault Press
Security Plugins
22. • Backup Buddy, UpDraftPlus, BackWPUp
• Always save to someplace OTHER than your server
• Save them to Dropbox, AWS, email, or your local
machine
• Have them scheduled to be made daily or at least
weekly
Always make backups!
23. Malware Scanning? Do I need it?
• Google Webmaster Tools
• Sucuri Scanner
• VirusTotal
If you feel your site could be infected, first do a malware scan
25. Update!
Update!
Update!
Update core. Update themes update plugins!
The biggest reasons of updates is typically security or feature related.
The biggest source of nearly all hacks is due to lack of updating.
26. If you use Envato products
(ThemeForest and CodeCanyon)
always check the box in the
downloads to be notified of updates.
That is the only way you will know if any of their products
need to be updated.
This is why the RevSlider infection was so widespread. Many
did not even know the plugin was built into their theme.
27. Don't ever let your site
get too lonely.
That is when the zombies come.
Nobody wants the zombies to come
28. If the unthinkable happens
and you do get hacked, it
is not the end of the world.
It can and will be fixed.
29. Who can clean my
hacked website?
Well I can!
And so can Sucuri and HackRepair