SlideShare a Scribd company logo

Keep Your SIte Secure

Michele Butcher-Jones
Michele Butcher-Jones

This document discusses the importance of website security and provides tips for keeping a WordPress site secure. It notes that hackers are constantly finding new ways to steal information. While there is no 100% secure site, some simple steps can help prevent hackers, like using strong, unique passwords, updating software regularly, and installing security plugins. It also recommends backing up the site frequently to external storage in case a hack does occur. The overall message is that basic security measures are important for all sites, regardless of size, as even small sites can be targets.

Technology
1 of 42
Download to read offline
Keep Your Site Secure
• WordPress Specialist, Site Cleaner, and Trainer for WP Security Lock • WordPress Evangelist for InMotion Hosting • Geek behind Can’t Speak Geek • Beginners and Intermediate WordPress Instructor Michele Butcher
Why is security important?
Many do not think security is important until it is too late. Every single day hackers find new ways to get your information. Todays features are tomorrow’s vulnerabilities. Stop them before they stop you
• Make bank • build a zombie army • Share their nasty code with the world • Get your information • They are bored • They want to see if they can do it Why do hackers hack?
But…Why are they hacking me? There is rarely ever a targeted hacking attack. Typically all sites are considered targets. The big and the small.
• They guess your login information • Denial of Service Attack (DDoS) • Through a file in a theme, plugin, or anything on your server where they found an exploit • Through your FTP and/or cPanel configuration And how do they get in?
Here is the only scary thing I will say in this talk
You are NEVER 100% secure
A test site or a site that might get 5 visitors a day can be hacked. It happened to me and it can happen to you.
Don’t Let Security Make you like this guy!
There are some simple steps to keep the hackers out
WordPress Security Basics 101
Never ever never use “admin” as a username or “password” as password. NEVER!!!! Any questions? Adm1n and Pa55w0rd do not count either!
Always use SFTP “S” is for safe!!!
Only give users the access they need Just because they want to be an admin does not mean they should. Guest bloggers should rarely every be anything more than a contributor.
If it is a temporary login, delete the user when the job is done If they do have posts, you can convert them to different users or make them a subscriber with limited access.
Set up file detection Many security plugins like iThemes Security and WordFence will alert you when files have been changed
Only keep the theme you are using and one backup theme on your site. The more themes that are on a site, the more open chances you have to a vulnerability
Only keep the plugins you have active on your site. An uninstalled plugin is not a potential vulnerability. Use the plugins repo favorites option to keep a list of your favorite plugins
• iThemes Security (Free and Pro version • Sucuri Firewall • WordFence Security • Jetpack with Brute Protect and Vault Press Security Plugins
• Backup Buddy, UpDraftPlus, BackWPUp • Always save to someplace OTHER than your server • Save them to Dropbox, AWS, email, or your local machine • Have them scheduled to be made daily or at least weekly Always make backups!
Malware Scanning? Do I need it? • Google Webmaster Tools
 • Sucuri Scanner
 • VirusTotal If you feel your site could be infected, first do a malware scan
What else can I do to protect my site?
Update! Update! Update! Update core. Update themes update plugins! The biggest reasons of updates is typically security or feature related. The biggest source of nearly all hacks is due to lack of updating.
If you use Envato products (ThemeForest and CodeCanyon) always check the box in the downloads to be notified of updates. That is the only way you will know if any of their products need to be updated. This is why the RevSlider infection was so widespread. Many did not even know the plugin was built into their theme.
Don't ever let your site get too lonely. That is when the zombies come. 
 Nobody wants the zombies to come
If the unthinkable happens and you do get hacked, it is not the end of the world. It can and will be fixed.
Who can clean my hacked website? Well I can! And so can Sucuri and HackRepair
Great! Are there any other ways I can be secure?
Always use complex passwords
Never email passwords
Never use the same password twice
• Last Pass • One Password • KeePass Use a Password Keeper
If a login has a Two- Factor Authentication, USE IT!
Anti-virus! Use it on all the things. Yes, even a Mac!
Be conscious when using public WiFi
• Torguard • Site Social • Hide My Ass Use a VPN if you use Public WiFi
Update! Update! Update!
Back everything up and back it up often! No one wants to lose their information stored on their computer. Bitcasa Caronbinte External Harddrives
Questions?
Thank you!!! Michele Butcher CantSpeakGeek.com WPSecurityLock.com @michele_butcher Slides can be found at http://mlb.pw/wcnc2015

Recommended

Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015
Michele Butcher-Jones
 
10 Ways to Secure WordPress
10 Ways to Secure WordPress10 Ways to Secure WordPress
10 Ways to Secure WordPress
Jeremy Green
 
Passwords, Attakcks, and Security, oh my!
Passwords, Attakcks, and Security, oh my!Passwords, Attakcks, and Security, oh my!
Passwords, Attakcks, and Security, oh my!
Michele Butcher
 
Are You Safe From Hackers
Are You Safe From HackersAre You Safe From Hackers
Are You Safe From Hackers
Michele Butcher-Jones
 
8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla
SiteGround.com
 
Attack of the BEAST
Attack of the BEASTAttack of the BEAST
Attack of the BEAST
Stefan Fodor
 
Secrets to a Hack-Proof Joomla Revealed
Secrets to a Hack-Proof Joomla RevealedSecrets to a Hack-Proof Joomla Revealed
Secrets to a Hack-Proof Joomla Revealed
SiteGround.com
 
8 Most Popular Joomla Hacks & How To Avoid Them
8 Most Popular Joomla Hacks & How To Avoid Them8 Most Popular Joomla Hacks & How To Avoid Them
8 Most Popular Joomla Hacks & How To Avoid Them
SiteGround.com
 

Recommended

Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015
Michele Butcher-Jones
 
10 Ways to Secure WordPress
10 Ways to Secure WordPress10 Ways to Secure WordPress
10 Ways to Secure WordPress
Jeremy Green
 
Passwords, Attakcks, and Security, oh my!
Passwords, Attakcks, and Security, oh my!Passwords, Attakcks, and Security, oh my!
Passwords, Attakcks, and Security, oh my!
Michele Butcher
 
Are You Safe From Hackers
Are You Safe From HackersAre You Safe From Hackers
Are You Safe From Hackers
Michele Butcher-Jones
 
8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla
SiteGround.com
 
Attack of the BEAST
Attack of the BEASTAttack of the BEAST
Attack of the BEAST
Stefan Fodor
 
Secrets to a Hack-Proof Joomla Revealed
Secrets to a Hack-Proof Joomla RevealedSecrets to a Hack-Proof Joomla Revealed
Secrets to a Hack-Proof Joomla Revealed
SiteGround.com
 
8 Most Popular Joomla Hacks & How To Avoid Them
8 Most Popular Joomla Hacks & How To Avoid Them8 Most Popular Joomla Hacks & How To Avoid Them
8 Most Popular Joomla Hacks & How To Avoid Them
SiteGround.com
 
WordCamp Philippines 2009: WordPress In The Wild
WordCamp Philippines 2009: WordPress In The WildWordCamp Philippines 2009: WordPress In The Wild
WordCamp Philippines 2009: WordPress In The Wildrebelpixel
 
Word Camp Ph 2009 Word Press In The Wild
Word Camp Ph 2009 Word Press In The WildWord Camp Ph 2009 Word Press In The Wild
Word Camp Ph 2009 Word Press In The Wildrebelpixel
 
Building Secure WordPress Sites
Building Secure WordPress Sites Building Secure WordPress Sites
Building Secure WordPress Sites
Catch Themes
 
8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website
SiteGround.com
 
GoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from withinGoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from within
IMMUNIO
 
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching VulnerabilitiesRailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
IMMUNIO
 
Security-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser AttacksSecurity-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser Attacks
Raghu Addanki
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?
Sucuri
 
WordPress Troubleshooting Hacks.pdf
WordPress Troubleshooting Hacks.pdfWordPress Troubleshooting Hacks.pdf
WordPress Troubleshooting Hacks.pdf
Arthur Kasirye
 
How secure is WordPress ?
How secure is WordPress ?How secure is WordPress ?
How secure is WordPress ?
Er. Narayan Koirala
 
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Michele Butcher-Jones
 
WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012
Angela Bowman
 
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERSHOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
Elsner Technologies Pvt Ltd
 
Basics for Securing WordPress
Basics for Securing WordPressBasics for Securing WordPress
Basics for Securing WordPress
miss604
 
WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security Essentials
Angela Bowman
 
Identifying a Compromised WordPress Site
Identifying a Compromised WordPress SiteIdentifying a Compromised WordPress Site
Identifying a Compromised WordPress Site
Chris Burgess
 
Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri
 
How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014
Primary Image Ltd
 
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...
Otto Kekäläinen
 
State of Web Security RailsConf 2016
State of Web Security RailsConf 2016State of Web Security RailsConf 2016
State of Web Security RailsConf 2016
IMMUNIO
 
I Have My WordPress Site Now What?
I Have My WordPress Site Now What?I Have My WordPress Site Now What?
I Have My WordPress Site Now What?
Michele Butcher-Jones
 
Passwords, Attacks, and Security oh my!
Passwords, Attacks, and Security oh my!Passwords, Attacks, and Security oh my!
Passwords, Attacks, and Security oh my!
Michele Butcher-Jones
 

More Related Content

What's hot

WordCamp Philippines 2009: WordPress In The Wild
WordCamp Philippines 2009: WordPress In The WildWordCamp Philippines 2009: WordPress In The Wild
WordCamp Philippines 2009: WordPress In The Wildrebelpixel
 
Word Camp Ph 2009 Word Press In The Wild
Word Camp Ph 2009 Word Press In The WildWord Camp Ph 2009 Word Press In The Wild
Word Camp Ph 2009 Word Press In The Wildrebelpixel
 
Building Secure WordPress Sites
Building Secure WordPress Sites Building Secure WordPress Sites
Building Secure WordPress Sites
Catch Themes
 
8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website
SiteGround.com
 
GoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from withinGoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from within
IMMUNIO
 
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching VulnerabilitiesRailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
IMMUNIO
 
Security-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser AttacksSecurity-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser Attacks
Raghu Addanki
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?
Sucuri
 
WordPress Troubleshooting Hacks.pdf
WordPress Troubleshooting Hacks.pdfWordPress Troubleshooting Hacks.pdf
WordPress Troubleshooting Hacks.pdf
Arthur Kasirye
 
How secure is WordPress ?
How secure is WordPress ?How secure is WordPress ?
How secure is WordPress ?
Er. Narayan Koirala
 
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Michele Butcher-Jones
 
WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012
Angela Bowman
 
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERSHOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
Elsner Technologies Pvt Ltd
 
Basics for Securing WordPress
Basics for Securing WordPressBasics for Securing WordPress
Basics for Securing WordPress
miss604
 
WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security Essentials
Angela Bowman
 
Identifying a Compromised WordPress Site
Identifying a Compromised WordPress SiteIdentifying a Compromised WordPress Site
Identifying a Compromised WordPress Site
Chris Burgess
 
Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri
 
How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014
Primary Image Ltd
 
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...
Otto Kekäläinen
 
State of Web Security RailsConf 2016
State of Web Security RailsConf 2016State of Web Security RailsConf 2016
State of Web Security RailsConf 2016
IMMUNIO
 

What's hot (20)

WordCamp Philippines 2009: WordPress In The Wild
WordCamp Philippines 2009: WordPress In The WildWordCamp Philippines 2009: WordPress In The Wild
WordCamp Philippines 2009: WordPress In The Wild
 
Word Camp Ph 2009 Word Press In The Wild
Word Camp Ph 2009 Word Press In The WildWord Camp Ph 2009 Word Press In The Wild
Word Camp Ph 2009 Word Press In The Wild
 
Building Secure WordPress Sites
Building Secure WordPress Sites Building Secure WordPress Sites
Building Secure WordPress Sites
 
8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website
 
GoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from withinGoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from within
 
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching VulnerabilitiesRailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
 
Security-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser AttacksSecurity-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser Attacks
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?
 
WordPress Troubleshooting Hacks.pdf
WordPress Troubleshooting Hacks.pdfWordPress Troubleshooting Hacks.pdf
WordPress Troubleshooting Hacks.pdf
 
How secure is WordPress ?
How secure is WordPress ?How secure is WordPress ?
How secure is WordPress ?
 
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
Intro to Security (Beginner's Edition) WordCamp St. Louis 2015
 
WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012
 
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERSHOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
HOW TO PROTECT YOUR WORDPRESS WEBSITE FROM HACKERS
 
Basics for Securing WordPress
Basics for Securing WordPressBasics for Securing WordPress
Basics for Securing WordPress
 
WordPress Security Essentials
WordPress Security EssentialsWordPress Security Essentials
WordPress Security Essentials
 
Identifying a Compromised WordPress Site
Identifying a Compromised WordPress SiteIdentifying a Compromised WordPress Site
Identifying a Compromised WordPress Site
 
Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best Performance
 
How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014
 
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...
 
State of Web Security RailsConf 2016
State of Web Security RailsConf 2016State of Web Security RailsConf 2016
State of Web Security RailsConf 2016
 

Similar to Keep Your SIte Secure

I Have My WordPress Site Now What?
I Have My WordPress Site Now What?I Have My WordPress Site Now What?
I Have My WordPress Site Now What?
Michele Butcher-Jones
 
Passwords, Attacks, and Security oh my!
Passwords, Attacks, and Security oh my!Passwords, Attacks, and Security oh my!
Passwords, Attacks, and Security oh my!
Michele Butcher-Jones
 
WordPress Security Basics
WordPress Security BasicsWordPress Security Basics
WordPress Security Basics
Ryan Plas
 
Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?
Michele Butcher-Jones
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
SiteGround.com
 
So Your Company Hired A Pentester
So Your Company Hired A PentesterSo Your Company Hired A Pentester
So Your Company Hired A PentesterNorthBayWeb
 
Passwords, Attacks, and Security oh My!
Passwords, Attacks, and Security oh My!Passwords, Attacks, and Security oh My!
Passwords, Attacks, and Security oh My!
Michele Butcher-Jones
 
Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17
Nicholas Batik
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
StuartJDavidson.com
 
Keeping Your Joomla! Site Secure
Keeping Your Joomla! Site SecureKeeping Your Joomla! Site Secure
Keeping Your Joomla! Site Secure
joomladayhouston
 
A Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdfA Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdf
Host It Smart
 
Thoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for SitecoreThoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for Sitecore
PINT Inc
 
Emergency WordPress Troubleshooting
Emergency WordPress TroubleshootingEmergency WordPress Troubleshooting
Emergency WordPress Troubleshooting
Tiffany Bridge
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and Security
Think Media Inc.
 
Internet security
Internet securityInternet security
Internet security
rfukunaga
 
WordPress Security and Best Practices
WordPress Security and Best PracticesWordPress Security and Best Practices
WordPress Security and Best Practices
Robert Vidal
 
WordPress Security
WordPress SecurityWordPress Security
WordPress Security
Nathan Platt
 
WPSecurity best practices of securing a word press website
WPSecurity best practices of securing a word press websiteWPSecurity best practices of securing a word press website
WPSecurity best practices of securing a word press website
Deola Kayode
 
Blog World 2010 - How to Keep Your Blog from Being Hacked
Blog World 2010 - How to Keep Your Blog from Being HackedBlog World 2010 - How to Keep Your Blog from Being Hacked
Blog World 2010 - How to Keep Your Blog from Being Hacked
Brian Layman
 

Similar to Keep Your SIte Secure (20)

I Have My WordPress Site Now What?
I Have My WordPress Site Now What?I Have My WordPress Site Now What?
I Have My WordPress Site Now What?
 
Passwords, Attacks, and Security oh my!
Passwords, Attacks, and Security oh my!Passwords, Attacks, and Security oh my!
Passwords, Attacks, and Security oh my!
 
WordPress Security Basics
WordPress Security BasicsWordPress Security Basics
WordPress Security Basics
 
Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?Your Site Has Been Hacked, Now What?
Your Site Has Been Hacked, Now What?
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
 
So Your Company Hired A Pentester
So Your Company Hired A PentesterSo Your Company Hired A Pentester
So Your Company Hired A Pentester
 
INTERNET SAFETY FOR KIDS
INTERNET SAFETY FOR KIDSINTERNET SAFETY FOR KIDS
INTERNET SAFETY FOR KIDS
 
Passwords, Attacks, and Security oh My!
Passwords, Attacks, and Security oh My!Passwords, Attacks, and Security oh My!
Passwords, Attacks, and Security oh My!
 
Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
 
Keeping Your Joomla! Site Secure
Keeping Your Joomla! Site SecureKeeping Your Joomla! Site Secure
Keeping Your Joomla! Site Secure
 
A Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdfA Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdf
 
Thoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for SitecoreThoughts on Defensive Development for Sitecore
Thoughts on Defensive Development for Sitecore
 
Emergency WordPress Troubleshooting
Emergency WordPress TroubleshootingEmergency WordPress Troubleshooting
Emergency WordPress Troubleshooting
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and Security
 
Internet security
Internet securityInternet security
Internet security
 
WordPress Security and Best Practices
WordPress Security and Best PracticesWordPress Security and Best Practices
WordPress Security and Best Practices
 
WordPress Security
WordPress SecurityWordPress Security
WordPress Security
 
WPSecurity best practices of securing a word press website
WPSecurity best practices of securing a word press websiteWPSecurity best practices of securing a word press website
WPSecurity best practices of securing a word press website
 
Blog World 2010 - How to Keep Your Blog from Being Hacked
Blog World 2010 - How to Keep Your Blog from Being HackedBlog World 2010 - How to Keep Your Blog from Being Hacked
Blog World 2010 - How to Keep Your Blog from Being Hacked
 

More from Michele Butcher-Jones

Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Michele Butcher-Jones
 
The Importance of Maintenance
The Importance of MaintenanceThe Importance of Maintenance
The Importance of Maintenance
Michele Butcher-Jones
 
Elevating Customer Experiences
Elevating Customer ExperiencesElevating Customer Experiences
Elevating Customer Experiences
Michele Butcher-Jones
 
You Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health CheckYou Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health Check
Michele Butcher-Jones
 
WordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer ExperienceWordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer Experience
Michele Butcher-Jones
 
Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...
Michele Butcher-Jones
 
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Michele Butcher-Jones
 
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress SiteWhat To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
Michele Butcher-Jones
 
The Five Star Customer Experience
The Five Star Customer ExperienceThe Five Star Customer Experience
The Five Star Customer Experience
Michele Butcher-Jones
 
Taming the Demons in the Closet
Taming the Demons in the ClosetTaming the Demons in the Closet
Taming the Demons in the Closet
Michele Butcher-Jones
 
My website is live now what?
My website is live now what?My website is live now what?
My website is live now what?
Michele Butcher-Jones
 
WordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without CodingWordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without Coding
Michele Butcher-Jones
 
Contributing to WordPress without Coding
Contributing to WordPress without CodingContributing to WordPress without Coding
Contributing to WordPress without Coding
Michele Butcher-Jones
 
The Five Star Customer Service Experience
The Five Star Customer Service ExperienceThe Five Star Customer Service Experience
The Five Star Customer Service Experience
Michele Butcher-Jones
 
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Michele Butcher-Jones
 
Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016
Michele Butcher-Jones
 
Jetpack All The Things
Jetpack All The ThingsJetpack All The Things
Jetpack All The Things
Michele Butcher-Jones
 
So i have a website now what?
So i have a website now what?So i have a website now what?
So i have a website now what?
Michele Butcher-Jones
 
WordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALCWordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALC
Michele Butcher-Jones
 
Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015
Michele Butcher-Jones
 

More from Michele Butcher-Jones (20)

Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
Onboarding Clients Does Not have to take a Miracle to get all the things! - W...
 
The Importance of Maintenance
The Importance of MaintenanceThe Importance of Maintenance
The Importance of Maintenance
 
Elevating Customer Experiences
Elevating Customer ExperiencesElevating Customer Experiences
Elevating Customer Experiences
 
You Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health CheckYou Don't Have to be Crazy to Work Here! A Mental Health Check
You Don't Have to be Crazy to Work Here! A Mental Health Check
 
WordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer ExperienceWordPress London: Creating a 5 Star Customer Experience
WordPress London: Creating a 5 Star Customer Experience
 
Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...Demons in the Closet - Handling your mental health while working remotely and...
Demons in the Closet - Handling your mental health while working remotely and...
 
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
Successful Teams are Created when Everyone Leads - Shift-Enter Charlottesvill...
 
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress SiteWhat To Do Post-Launch: How To Care For Your Brand New WordPress Site
What To Do Post-Launch: How To Care For Your Brand New WordPress Site
 
The Five Star Customer Experience
The Five Star Customer ExperienceThe Five Star Customer Experience
The Five Star Customer Experience
 
Taming the Demons in the Closet
Taming the Demons in the ClosetTaming the Demons in the Closet
Taming the Demons in the Closet
 
My website is live now what?
My website is live now what?My website is live now what?
My website is live now what?
 
WordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without CodingWordCamp St Louis 2018 Contributing Without Coding
WordCamp St Louis 2018 Contributing Without Coding
 
Contributing to WordPress without Coding
Contributing to WordPress without CodingContributing to WordPress without Coding
Contributing to WordPress without Coding
 
The Five Star Customer Service Experience
The Five Star Customer Service ExperienceThe Five Star Customer Service Experience
The Five Star Customer Service Experience
 
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
Demons In The Closet - A look at Mental Health with Remote Wokers WordCamp St...
 
Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016Demons in the Closet WordCamp Montreal 2016
Demons in the Closet WordCamp Montreal 2016
 
Jetpack All The Things
Jetpack All The ThingsJetpack All The Things
Jetpack All The Things
 
So i have a website now what?
So i have a website now what?So i have a website now what?
So i have a website now what?
 
WordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALCWordPress for beginners lesson 4 fall2015 JALC
WordPress for beginners lesson 4 fall2015 JALC
 
Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015Word press for beginners lesson 3 jalc fall 2015
Word press for beginners lesson 3 jalc fall 2015
 

Recently uploaded

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
Fwdays
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 

Recently uploaded (20)

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 

Keep Your SIte Secure

  • 1. Keep Your Site Secure
  • 2. • WordPress Specialist, Site Cleaner, and Trainer for WP Security Lock • WordPress Evangelist for InMotion Hosting • Geek behind Can’t Speak Geek • Beginners and Intermediate WordPress Instructor Michele Butcher
  • 4. Many do not think security is important until it is too late. Every single day hackers find new ways to get your information. Todays features are tomorrow’s vulnerabilities. Stop them before they stop you
  • 5. • Make bank • build a zombie army • Share their nasty code with the world • Get your information • They are bored • They want to see if they can do it Why do hackers hack?
  • 6. But…Why are they hacking me? There is rarely ever a targeted hacking attack. Typically all sites are considered targets. The big and the small.
  • 7. • They guess your login information • Denial of Service Attack (DDoS) • Through a file in a theme, plugin, or anything on your server where they found an exploit • Through your FTP and/or cPanel configuration And how do they get in?
  • 8. Here is the only scary thing I will say in this talk
  • 10. A test site or a site that might get 5 visitors a day can be hacked. It happened to me and it can happen to you.
  • 12. There are some simple steps to keep the hackers out
  • 14. Never ever never use “admin” as a username or “password” as password. NEVER!!!! Any questions? Adm1n and Pa55w0rd do not count either!
  • 15. Always use SFTP “S” is for safe!!!
  • 16. Only give users the access they need Just because they want to be an admin does not mean they should. Guest bloggers should rarely every be anything more than a contributor.
  • 17. If it is a temporary login, delete the user when the job is done If they do have posts, you can convert them to different users or make them a subscriber with limited access.
  • 18. Set up file detection Many security plugins like iThemes Security and WordFence will alert you when files have been changed
  • 19. Only keep the theme you are using and one backup theme on your site. The more themes that are on a site, the more open chances you have to a vulnerability
  • 20. Only keep the plugins you have active on your site. An uninstalled plugin is not a potential vulnerability. Use the plugins repo favorites option to keep a list of your favorite plugins
  • 21. • iThemes Security (Free and Pro version • Sucuri Firewall • WordFence Security • Jetpack with Brute Protect and Vault Press Security Plugins
  • 22. • Backup Buddy, UpDraftPlus, BackWPUp • Always save to someplace OTHER than your server • Save them to Dropbox, AWS, email, or your local machine • Have them scheduled to be made daily or at least weekly Always make backups!
  • 23. Malware Scanning? Do I need it? • Google Webmaster Tools
 • Sucuri Scanner
 • VirusTotal If you feel your site could be infected, first do a malware scan
  • 24. What else can I do to protect my site?
  • 25. Update! Update! Update! Update core. Update themes update plugins! The biggest reasons of updates is typically security or feature related. The biggest source of nearly all hacks is due to lack of updating.
  • 26. If you use Envato products (ThemeForest and CodeCanyon) always check the box in the downloads to be notified of updates. That is the only way you will know if any of their products need to be updated. This is why the RevSlider infection was so widespread. Many did not even know the plugin was built into their theme.
  • 27. Don't ever let your site get too lonely. That is when the zombies come. 
 Nobody wants the zombies to come
  • 28. If the unthinkable happens and you do get hacked, it is not the end of the world. It can and will be fixed.
  • 29. Who can clean my hacked website? Well I can! And so can Sucuri and HackRepair
  • 30. Great! Are there any other ways I can be secure?
  • 33. Never use the same password twice
  • 34. • Last Pass • One Password • KeePass Use a Password Keeper
  • 35. If a login has a Two- Factor Authentication, USE IT!
  • 36. Anti-virus! Use it on all the things. Yes, even a Mac!
  • 37. Be conscious when using public WiFi
  • 38. • Torguard • Site Social • Hide My Ass Use a VPN if you use Public WiFi
  • 40. Back everything up and back it up often! No one wants to lose their information stored on their computer. Bitcasa Caronbinte External Harddrives
  • 42. Thank you!!! Michele Butcher CantSpeakGeek.com WPSecurityLock.com @michele_butcher Slides can be found at http://mlb.pw/wcnc2015