GB
Uploaded byGerroald Barron
1,504 views

WCBham Beginner WordPress Security

1) Use strong passwords, two-factor authentication, and password managers to better secure login credentials. 2) Implement SSL/HTTPS to encrypt data transfer and secure file permissions to prevent unauthorized access to server files. 3) Regularly update WordPress core, plugins, themes, passwords, and backups and remove unused items to maintain security.

Embed presentation

Downloaded 11 times
Beginner WordPress Security Tips to Help Secure Your WordPress Site WordCamp Birmingham, 2016 #wcbham
Gerroald Barron gerroald@ithemes.com - @gerroald https://profiles.wordpress.org/gerroald https://ithemes.com/security/ https://wordpress.org/plugins/better-wp-security/
Why Would Someone Want to Hack My Site? Twitter - @gerroald http://www.slideshare.net/GerroaldBarron
There are currently over 1 Billion websites on the web. https://sucuri.net/website-security/website-hacked-report WordPress powers about 26% of them. Twitter - @gerroald http://www.slideshare.net/GerroaldBarron
You’re likely not the target, WordPress is. Twitter - @gerroald www.slideshare.net/GerroaldBarron
It’s not about if you get attacked, but rather how to prevent it from being successful. Twitter - @gerroald www.slideshare.net/GerroaldBarron
If you know your passwords, they’re likely too weak. Strong Passwords
Password Managers https://www.dashlane.com/passwordmanager https://1password.com/ https://lastpass.com/ Twitter - @gerroald www.slideshare.net/GerroaldBarron
Two-Factor Authentication Two-Factor Authentication is not a mere nuisance, it’s Real Security. Twitter - @gerroald www.slideshare.net/GerroaldBarron
Two Factor Plugins WordPress Two-Factor Plugins https://ithemes.com/security/ Twitter - @gerroald www.slideshare.net/GerroaldBarron
Two-Factor Mobile Apps Google Authenticator Android Authy for iOS and Android Google Authenticator iOS Twitter - @gerroald www.slideshare.net/GerroaldBarron
Changing the Salts Salted Keys further protect your login credentials stored in your cookies. https://api.wordpress.org/secret-key/1.1/salt/ *tutorial*
Plugins to Change Your Salts https://wordpress.org/plugins/better-wp-security/ https://wordpress.org/plugins/wp-config-file-editor/ Twitter - @gerroald www.slideshare.net/GerroaldBarron
Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are a must. Twitter - @gerroald www.slideshare.net/GerroaldBarron
Using sFTP Encryption vs FTP The SFTP and FTP protocols both transfer data, that’s where their similarities end.
FTP stands for File Transfer Protocol sFTP stands for (SSH) File Transfer Protocol FTP transfers data between two remote connections, in plain text. sFTP ensures that data is securely transferred privately with use of the SSH2 protocol. Twitter - @gerroald www.slideshare.net/GerroaldBarron
SSL (Secure Sockets Layer) What is it? Why should I use it? Twitter - @gerroald www.slideshare.net/GerroaldBarron
SSL creates an encrypted connection between your web server and your visitors' web browser. Twitter - @gerroald www.slideshare.net/GerroaldBarron
HTTP stands for Hyper Text Protocol HTTPS stands for Hyper Text Protocol Secure When using HTTP to transfer information it’s relatively easy for a knowledgable person to intercept, and view it. When using HTTPS if anyone is able to intercept it, they still won’t be able to decipher it because it’s encrypted. SSL Secure Socket Layers is the security during the transfer while using HTTPS. Twitter - @gerroald www.slideshare.net/GerroaldBarron
Free SSL Certificates https://letsencrypt.org/ https://ssl.comodo.com/free-ssl-certificate.php Twitter - @gerroald www.slideshare.net/GerroaldBarron
Maintenance Keep WordPress Core up to date. Keep your plugins and themes up to date Regularly update your passwords Remove plugins, themes and users that aren't being used. ALWAYS have a recent backup. Twitter - @gerroald www.slideshare.net/GerroaldBarron
Summary Use a strong password with the help of a password manager Two-Factor for ALL THE THINGS Regularly change your Salts Use secure file permissions Use sFTP when ever possible Use SSL on all of your sites Please keep your site and everything on it up to date

More Related Content

PDF
The Slow Death of Passwords
byForgeRock Identity Tech Talks
 
PDF
Account Fraud Situation and Prevention in Rakuten
byRakuten Group, Inc.
 
PPT
TBEX - North America 2014 - 5 Tips to Keep Your Content and Users Safe
byTony Perez
 
PPTX
Death to passwords - DroidCon Paris 2014
byParis Android User Group
 
PPTX
Webinar: Personal Online Privacy - Sucuri Security
bySucuri
 
PPTX
Strong Passwords
byNorth Carolina State University
 
PPTX
Sucuri Webinar: Simple Steps To Secure Your Online Store
bySucuri
 
PDF
Safe Browsing in 2016
byGabor Szathmari
 
The Slow Death of Passwords
byForgeRock Identity Tech Talks
 
Account Fraud Situation and Prevention in Rakuten
byRakuten Group, Inc.
 
TBEX - North America 2014 - 5 Tips to Keep Your Content and Users Safe
byTony Perez
 
Death to passwords - DroidCon Paris 2014
byParis Android User Group
 
Webinar: Personal Online Privacy - Sucuri Security
bySucuri
 
Strong Passwords
byNorth Carolina State University
 
Sucuri Webinar: Simple Steps To Secure Your Online Store
bySucuri
 
Safe Browsing in 2016
byGabor Szathmari
 

What's hot

ODP
Digitalks #15 - Sicherheit im Netz
byMartin Leyrer
 
PPTX
Hack Snapchat Account
byjack ordert
 
DOCX
probed
bySecureBacklink1
 
PPTX
WordPress Security - Learning From Hacks
byTony Perez
 
PPTX
Sucuri Webinar: How Caching Options Can Impact Your Website Speed
bySucuri
 
PDF
Wannacry
byemeka onuzuruike
 
PPTX
Sucuri Webinar: How Websites Get Hacked
bySucuri
 
PDF
obtain additional security
bysnobbishmishap958
 
PDF
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
byMazin Ahmed
 
PPTX
WannaCry Ransomware
byZoho Corporation
 
PDF
Irm 13-phishing
byKasper de Waard
 
PDF
Usable security
byRachel Ilan Simpson
 
PDF
Cybercrime - Why we're not doomed after all
bySophos Benelux
 
PDF
Ransomware - Mark Chimely
byIISPEastMids
 
PPTX
Conectarse shh linux
byJames Jara
 
PDF
LTSTricks.net
bySandeep Kumar
 
PDF
obtain additional security
byoffbeatnominee633
 
PPTX
Google Penguin and Panda - Algorithm explanation
byWoptimo
 
PPTX
WordPress Security 2014 - The Basics of Security
byTony Perez
 
PPTX
Logs: Understanding Them to Better Manage Your WordPress Site
bySucuri
 
Digitalks #15 - Sicherheit im Netz
byMartin Leyrer
 
Hack Snapchat Account
byjack ordert
 
probed
bySecureBacklink1
 
WordPress Security - Learning From Hacks
byTony Perez
 
Sucuri Webinar: How Caching Options Can Impact Your Website Speed
bySucuri
 
Wannacry
byemeka onuzuruike
 
Sucuri Webinar: How Websites Get Hacked
bySucuri
 
obtain additional security
bysnobbishmishap958
 
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
byMazin Ahmed
 
WannaCry Ransomware
byZoho Corporation
 
Irm 13-phishing
byKasper de Waard
 
Usable security
byRachel Ilan Simpson
 
Cybercrime - Why we're not doomed after all
bySophos Benelux
 
Ransomware - Mark Chimely
byIISPEastMids
 
Conectarse shh linux
byJames Jara
 
LTSTricks.net
bySandeep Kumar
 
obtain additional security
byoffbeatnominee633
 
Google Penguin and Panda - Algorithm explanation
byWoptimo
 
WordPress Security 2014 - The Basics of Security
byTony Perez
 
Logs: Understanding Them to Better Manage Your WordPress Site
bySucuri
 

Viewers also liked

PDF
Getting Started With SlideShare
bySlideshare
 
PPTX
Word campktm speed-security
byDigamber Pradhan
 
PPTX
What to Upload to SlideShare
bySlideshare
 
PPTX
Wordpress Security Top 10 Protections
byRoshni Kumar Yambem
 
PPTX
WordPress Security - The "No-BS" Version
byTony Perez
 
PDF
Startup - Big Data - Data Science
byTeguh Nugraha
 
PPTX
WordPress Security for Beginners
byAdam W. Warner
 
PPTX
Data integration with embulk
byTeguh Nugraha
 
PPTX
Savremena ekonomija azije
byAndrea Širočka
 
PDF
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...
byOtto Kekäläinen
 
PPTX
WordPress Security: Defend yourself against digital invaders
byVladimír Smitka
 
PPT
Portafolio Electrónico
bykalvaraddo
 
PPTX
Indija
byfridakalo64
 
PDF
Alternativa telemática en los países en desarrollo
byAcademia de Ingeniería de México
 
ODP
WordCamp Birmingham 2016 -- Do You Really Need a 3-lb Pocket Knife?
byKate Newbill
 
PPTX
Redes sociales [recuperado]
byKarol Mendez
 
PPT
Lucija Kočiš i Marina Mijatović - Indija
byMoja Geografija
 
PDF
Website Pricing 101: Don’t Be a Commodity
byGeoff Myers
 
PPT
Indija
bydusanjerkovic
 
PPTX
QXCA Make in India Presentation
byqxadvisors
 
Getting Started With SlideShare
bySlideshare
 
Word campktm speed-security
byDigamber Pradhan
 
What to Upload to SlideShare
bySlideshare
 
Wordpress Security Top 10 Protections
byRoshni Kumar Yambem
 
WordPress Security - The "No-BS" Version
byTony Perez
 
Startup - Big Data - Data Science
byTeguh Nugraha
 
WordPress Security for Beginners
byAdam W. Warner
 
Data integration with embulk
byTeguh Nugraha
 
Savremena ekonomija azije
byAndrea Širočka
 
WordPress Security 101 – WordCamp Finland 2016 presentation by Otto Kekäläine...
byOtto Kekäläinen
 
WordPress Security: Defend yourself against digital invaders
byVladimír Smitka
 
Portafolio Electrónico
bykalvaraddo
 
Indija
byfridakalo64
 
Alternativa telemática en los países en desarrollo
byAcademia de Ingeniería de México
 
WordCamp Birmingham 2016 -- Do You Really Need a 3-lb Pocket Knife?
byKate Newbill
 
Redes sociales [recuperado]
byKarol Mendez
 
Lucija Kočiš i Marina Mijatović - Indija
byMoja Geografija
 
Website Pricing 101: Don’t Be a Commodity
byGeoff Myers
 
Indija
bydusanjerkovic
 
QXCA Make in India Presentation
byqxadvisors
 

Similar to WCBham Beginner WordPress Security

PDF
Word press beirut 9th meetup march
byFadi Nicolas Zahhar
 
PPTX
WordPress Security - WordPress Meetup Copenhagen 2013
byThor Kristiansen
 
PDF
WordPress Security 101 - WordCamp Nairobi 2019
bystk_jj
 
PDF
Top Ten WordPress Security Tips for 2012
byBrad Williams
 
PPTX
Protect Your WordPress From The Inside Out
bySiteGround.com
 
PDF
Introduction to WordPress Security
byNile Flores
 
PPTX
7 tips to make word press website secure in 2021
byWebConnect Pvt Ltd
 
PDF
A Guide To Secure WordPress Website – A Complete Guide.pdf
byHost It Smart
 
PPTX
WordPress Security Fundamentals - WordCamp Biratnagar 2018
byAbul Khayer
 
PDF
WordPress Security - 12 WordPress Security Fundamentals
byfindingsimple
 
PPTX
How to Secure your WordPress Website - WordCamp UK 2014
byPrimary Image Ltd
 
PPT
WordCamp Chicago 2011 - WordPress End User Security - Dre Armeda
byDre Armeda
 
PDF
WordPress Security 101 - Meetup Nairobi March 2020
bystk_jj
 
PPT
WordCamp Philly WordPress End-User Security
byDre Armeda
 
ODP
WordPress Security
bySuzette Franck
 
PPT
WordPress End-User Security - WordCamp Las Vegas 2011
byDre Armeda
 
PDF
10 WordPress security measures you can implement today!
byToru Miki
 
PDF
WordPress security 101 - WP Turku Meetup 2.2.2017
byOtto Kekäläinen
 
PPTX
Building Secure WordPress Sites
byCatch Themes
 
PPTX
Wordpress security issues
byDeepu Thomas
 
Word press beirut 9th meetup march
byFadi Nicolas Zahhar
 
WordPress Security - WordPress Meetup Copenhagen 2013
byThor Kristiansen
 
WordPress Security 101 - WordCamp Nairobi 2019
bystk_jj
 
Top Ten WordPress Security Tips for 2012
byBrad Williams
 
Protect Your WordPress From The Inside Out
bySiteGround.com
 
Introduction to WordPress Security
byNile Flores
 
7 tips to make word press website secure in 2021
byWebConnect Pvt Ltd
 
A Guide To Secure WordPress Website – A Complete Guide.pdf
byHost It Smart
 
WordPress Security Fundamentals - WordCamp Biratnagar 2018
byAbul Khayer
 
WordPress Security - 12 WordPress Security Fundamentals
byfindingsimple
 
How to Secure your WordPress Website - WordCamp UK 2014
byPrimary Image Ltd
 
WordCamp Chicago 2011 - WordPress End User Security - Dre Armeda
byDre Armeda
 
WordPress Security 101 - Meetup Nairobi March 2020
bystk_jj
 
WordCamp Philly WordPress End-User Security
byDre Armeda
 
WordPress Security
bySuzette Franck
 
WordPress End-User Security - WordCamp Las Vegas 2011
byDre Armeda
 
10 WordPress security measures you can implement today!
byToru Miki
 
WordPress security 101 - WP Turku Meetup 2.2.2017
byOtto Kekäläinen
 
Building Secure WordPress Sites
byCatch Themes
 
Wordpress security issues
byDeepu Thomas
 

Recently uploaded

PPTX
AI Presentation it all about what is ai and how to implement in real life
byshraddhasule1710
 
PDF
A La Recherche Du Temps Perdu: In Search of the Cozy Web
byJen Looper
 
PDF
DNSSEC Implementation Journey at Prime Bank’s Domain
byBangladesh Network Operators Group
 
PPTX
BTCFi on Starknet,Troves.fi offers automated strategies for Bitcoin users on ...
bytrovesfi
 
PPTX
ENDNOTE refrencing how to do step by step..
byhumairasohaib19
 
PDF
Automating ISP Networks Using Ansible and IPAM as a Source of Truth [SoT]
byBangladesh Network Operators Group
 
PPTX
Passive Presentation pasdskpasdasdasdasf
byNoOne501682
 
PPTX
MEANING OF EMOJIS OF SOCIAL MEDIA - RUKUNDO Emmanuel..pptx
bysongsormusics
 
PPTX
ARCHITECTURESACGCHCIUOHCOHCSAKJCOQKCHUO.pptx
bymchlrdpc2921
 
PDF
OFFENSIVE OPERATIONS : THE ANATOMY OF A NETWORK TAKEOVER
byBangladesh Network Operators Group
 
PDF
A Day in the Life of IPv6 Scanning by Matsuzaki ʻmazʼ
byBangladesh Network Operators Group
 
PPTX
Facebook: How to Maximize for Everyday Business
byLP3I Surabaya
 
PPT
INTRODUCTION_TO_SOFTWARE_APPLICATION.pptx
byMESFINBELAY4
 
PPTX
evolution of internet (internet journey)
byyamunadevi49
 
PDF
Cybrain Software Solutions – Building Future-Ready Digital Tools
byCybrain Software Solutions
 
AI Presentation it all about what is ai and how to implement in real life
byshraddhasule1710
 
A La Recherche Du Temps Perdu: In Search of the Cozy Web
byJen Looper
 
DNSSEC Implementation Journey at Prime Bank’s Domain
byBangladesh Network Operators Group
 
BTCFi on Starknet,Troves.fi offers automated strategies for Bitcoin users on ...
bytrovesfi
 
ENDNOTE refrencing how to do step by step..
byhumairasohaib19
 
Automating ISP Networks Using Ansible and IPAM as a Source of Truth [SoT]
byBangladesh Network Operators Group
 
Passive Presentation pasdskpasdasdasdasf
byNoOne501682
 
MEANING OF EMOJIS OF SOCIAL MEDIA - RUKUNDO Emmanuel..pptx
bysongsormusics
 
ARCHITECTURESACGCHCIUOHCOHCSAKJCOQKCHUO.pptx
bymchlrdpc2921
 
OFFENSIVE OPERATIONS : THE ANATOMY OF A NETWORK TAKEOVER
byBangladesh Network Operators Group
 
A Day in the Life of IPv6 Scanning by Matsuzaki ʻmazʼ
byBangladesh Network Operators Group
 
Facebook: How to Maximize for Everyday Business
byLP3I Surabaya
 
INTRODUCTION_TO_SOFTWARE_APPLICATION.pptx
byMESFINBELAY4
 
evolution of internet (internet journey)
byyamunadevi49
 
Cybrain Software Solutions – Building Future-Ready Digital Tools
byCybrain Software Solutions
 

WCBham Beginner WordPress Security

  • 1.
    Beginner WordPress Security Tips toHelp Secure Your WordPress Site WordCamp Birmingham, 2016 #wcbham
  • 2.
    Gerroald Barron gerroald@ithemes.com -@gerroald https://profiles.wordpress.org/gerroald https://ithemes.com/security/ https://wordpress.org/plugins/better-wp-security/
  • 3.
    Why Would Someone Wantto Hack My Site? Twitter - @gerroald http://www.slideshare.net/GerroaldBarron
  • 4.
    There are currentlyover 1 Billion websites on the web. https://sucuri.net/website-security/website-hacked-report WordPress powers about 26% of them. Twitter - @gerroald http://www.slideshare.net/GerroaldBarron
  • 5.
    You’re likely notthe target, WordPress is. Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 7.
    It’s not aboutif you get attacked, but rather how to prevent it from being successful. Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 8.
    If you knowyour passwords, they’re likely too weak. Strong Passwords
  • 9.
  • 10.
    Two-Factor Authentication Two-Factor Authentication isnot a mere nuisance, it’s Real Security. Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 11.
    Two Factor Plugins WordPressTwo-Factor Plugins https://ithemes.com/security/ Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 12.
    Two-Factor Mobile Apps Google AuthenticatorAndroid Authy for iOS and Android Google Authenticator iOS Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 13.
    Changing the Salts SaltedKeys further protect your login credentials stored in your cookies. https://api.wordpress.org/secret-key/1.1/salt/ *tutorial*
  • 14.
    Plugins to Change YourSalts https://wordpress.org/plugins/better-wp-security/ https://wordpress.org/plugins/wp-config-file-editor/ Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 15.
    Secure File Permissions How secureis your site if anyone can view or write to your server files? It’s not. Secure file permissions are a must. Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 16.
    Using sFTP Encryption vsFTP The SFTP and FTP protocols both transfer data, that’s where their similarities end.
  • 17.
    FTP stands forFile Transfer Protocol sFTP stands for (SSH) File Transfer Protocol FTP transfers data between two remote connections, in plain text. sFTP ensures that data is securely transferred privately with use of the SSH2 protocol. Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 18.
    SSL (Secure SocketsLayer) What is it? Why should I use it? Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 19.
    SSL creates anencrypted connection between your web server and your visitors' web browser. Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 20.
    HTTP stands forHyper Text Protocol HTTPS stands for Hyper Text Protocol Secure When using HTTP to transfer information it’s relatively easy for a knowledgable person to intercept, and view it. When using HTTPS if anyone is able to intercept it, they still won’t be able to decipher it because it’s encrypted. SSL Secure Socket Layers is the security during the transfer while using HTTPS. Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 21.
  • 23.
    Maintenance Keep WordPress Coreup to date. Keep your plugins and themes up to date Regularly update your passwords Remove plugins, themes and users that aren't being used. ALWAYS have a recent backup. Twitter - @gerroald www.slideshare.net/GerroaldBarron
  • 24.
    Summary Use a strongpassword with the help of a password manager Two-Factor for ALL THE THINGS Regularly change your Salts Use secure file permissions Use sFTP when ever possible Use SSL on all of your sites Please keep your site and everything on it up to date