Uploaded bybekee
158 views

Why WordPress Works

Bekee Gibson, director of CMS at Earthling Interactive, presents on the importance of WordPress as a content management system while discussing its security vulnerabilities and common failures such as insecure hosting and weak passwords. She emphasizes that security is about risk reduction and offers practical advice on enhancing WordPress security, including enforcing strong passwords and regular updates. Gibson reassures small businesses that while they may feel insignificant, they are still potential targets for hackers and suggests proactive measures to improve security.

Technology
Related topics:
Web Development

Embed presentation

Download to read offline
Hi, I’m Bekee Gibson! 🙋 Director of CMS at Earthling Interactive • Developer, Team Lead, Project Manager for 6y • Madison WordPress Meetup Organizer for 3y • Technerd from wayback Some things I enjoy away from the computer: 🥘 Fooding 🧶 Knitting, a lot ☢ Fallout 4
What is WordPress? WordPress is a Content Management System. It is much more than a blogging platform. It’s Open Source, easy to use, and can be customized to fit your needs, the needs of your staff, and, most importantly, your customers.
Why is WordPress a target? 🎯 All websites on the internet are vulnerable to hacking attempts, so why does WordPress get a bad rap? WordPress runs 64% of all CMS sites, or 38% of all websites on the Internet. Those odds are pretty good if your goal is to harvest passwords.
Why WordPress Fails No, you’re not at the wrong presentation. 🤓 🤓🤓 🤓🤓🤓 🤓🤓🤓🤓
Why WordPress Fails ● Insecure Hosting ● Weak Passwords ● Users and admin access ● Default setup and configuration ● Core out of date ● Plugins & Themes ○ Out of date ○ Out of development ○ Out of service These all have a common element: A Human Choice
WordPress works when you work with it Fundamentally, security is not about perfectly secure systems. Such a thing might well be impractical, or impossible to find and/or maintain. What security is though is risk reduction, not risk elimination. It’s about employing all the appropriate controls available to you, within reason, that allow you to improve your overall posture reducing the odds of making yourself a target, subsequently getting hacked. – WordPress Security Codex
Why WordPress Works Decide about hosting ● 🤓 Shared ● 🤓🤓 Virtual Private Server (VPS) ● 🤓🤓🤓🤓 Dedicated (On Prem) ● 🤓🤓 Managed
Enforce a password policy Why WordPress Works
Enforce Two-factor Authorization (2FA) Why WordPress Works
Why WordPress Works Users and admin access ● 🤓 Make sure ‘admin’ is not a username ● 🤓 Create second admin user, remove the first ● 🤓 Audit users and their roles SELECT * FROM wp_users WHERE ID=1
Why WordPress Works Setup and configuration ● 🤓 Change database table prefix ● 🤓🤓🤓 Obfuscate, hide, or chmod wp-config.php ○ CHMOD 440 wp-config.php ● 🤓🤓 Disable file editing from the Dashboard ○ define('DISALLOW_FILE_EDIT', true); ● 🤓 Serve your site over HTTPS ● 🤓🤓🤓🤓 Use a code repository
Why WordPress Works Keep Core updated ● 🤓 Automatic Background Updates ● Update and test ○ 🤓🤓🤓 Local ○ 🤓🤓 Staging
Why WordPress Works Know your Plugins & Themes ● Keep them updated ● Check on the status ● Get from trusted sources
Why WordPress Works “I’m just a small business with a website, I’m not a target for hackers!” 🏢 vs 🏬 This all sounds like a lot, but you don’t have to do it alone. 🤝
Why WordPress Works Et voilà! Questions?

More Related Content

PDF
Word press beirut 9th meetup march
byFadi Nicolas Zahhar
 
PDF
Speed Up WordPress
byAbul Khayer
 
PDF
Websites for Hackers
byChris Antes
 
PDF
WordPress security & sanitation for beginners
byD'nelle Dowis
 
PDF
Community Code: Macadamian
bySencha
 
PDF
Top 10 website optimizations tips
bykatyaweb
 
PPT
Ctrl+F5 Ahmedabad, 2017 - BOOST THE PERFORMANCE OF WORDPRESS WEBSITES by Prat...
byResellerClub
 
PPTX
bootstrap
byLokesh Sharma
 
Word press beirut 9th meetup march
byFadi Nicolas Zahhar
 
Speed Up WordPress
byAbul Khayer
 
Websites for Hackers
byChris Antes
 
WordPress security & sanitation for beginners
byD'nelle Dowis
 
Community Code: Macadamian
bySencha
 
Top 10 website optimizations tips
bykatyaweb
 
Ctrl+F5 Ahmedabad, 2017 - BOOST THE PERFORMANCE OF WORDPRESS WEBSITES by Prat...
byResellerClub
 
bootstrap
byLokesh Sharma
 

What's hot

PDF
WebAssembly with Rust
byKnoldus Inc.
 
PPTX
Career on WordPress: How to get started with WordPress
byEunus Hosen
 
PDF
WeBB MeetUp#1 Web applications caching techniques
byMaciej Grajcarek
 
PDF
Automate your WordPress Workflow with Grunt.js
byJosh Lee
 
PPTX
Improving WordPress Performance: Xdebug and PHP profiling
bySeravo
 
PDF
Content Management Without the Killing
byDrew McLellan
 
PDF
Jump start php environment
byAdrian Sandu
 
PPTX
WORDPRESS
byAkhil Kumar
 
PDF
Caching and Optimization By M Asif Rahman @ WordCamp Orlando 2012 Final
byM Asif Rahman
 
PDF
wp cli- don’t fear the command line
byDwayne McDaniel
 
PPTX
Bootstrap - What the hell is it
byLaPlante Web Development
 
PDF
Securing your WordPress powered Website
byPratik Jagdishwala
 
PPTX
A crash course in scaling wordpress
byGovLoop
 
PPTX
WordPress.org & Optimizing Security for your WordPress sites
byGovLoop
 
PPTX
Learning gutenberg css tricks
byElliott Richmond
 
ODP
DrupalCamp STL: Get Your Drupal Sea Legs
byericthelast
 
PPTX
20120621 creating rich, responsive display and editor
byBIWUG
 
PPTX
WordPress Theme Development Workflow with Node.js, Ruby, Sass, Bower and Grunt
byBrajeshwar Oinam
 
PPSX
Hugo in Action: website creation made painless
byManning Publications
 
PDF
How to optimize and speed-up your website. The complete guide.
byAdam Mucha
 
WebAssembly with Rust
byKnoldus Inc.
 
Career on WordPress: How to get started with WordPress
byEunus Hosen
 
WeBB MeetUp#1 Web applications caching techniques
byMaciej Grajcarek
 
Automate your WordPress Workflow with Grunt.js
byJosh Lee
 
Improving WordPress Performance: Xdebug and PHP profiling
bySeravo
 
Content Management Without the Killing
byDrew McLellan
 
Jump start php environment
byAdrian Sandu
 
WORDPRESS
byAkhil Kumar
 
Caching and Optimization By M Asif Rahman @ WordCamp Orlando 2012 Final
byM Asif Rahman
 
wp cli- don’t fear the command line
byDwayne McDaniel
 
Bootstrap - What the hell is it
byLaPlante Web Development
 
Securing your WordPress powered Website
byPratik Jagdishwala
 
A crash course in scaling wordpress
byGovLoop
 
WordPress.org & Optimizing Security for your WordPress sites
byGovLoop
 
Learning gutenberg css tricks
byElliott Richmond
 
DrupalCamp STL: Get Your Drupal Sea Legs
byericthelast
 
20120621 creating rich, responsive display and editor
byBIWUG
 
WordPress Theme Development Workflow with Node.js, Ruby, Sass, Bower and Grunt
byBrajeshwar Oinam
 
Hugo in Action: website creation made painless
byManning Publications
 
How to optimize and speed-up your website. The complete guide.
byAdam Mucha
 

Similar to Why WordPress Works

PDF
Emergency WordPress Troubleshooting
byTiffany Bridge
 
PPTX
WordPress Security - What to do, What NOT to do
byWordPress Trivandrum
 
PPTX
Understanding word press security wwc-4-7-17
byNicholas Batik
 
KEY
Higher Order WordPress Security
byDougal Campbell
 
PPT
WordPress Security
byBrad Williams
 
PPTX
WordPress Security
byNathan Platt
 
PDF
WordPress Security Best Practices 2019 Update
byZero Point Development
 
PDF
ResellerClub Ctrl+F5 - WordPress Security session
byPratik Jagdishwala
 
PDF
Word press security checklist
bySanjay Dabhoya
 
PDF
WordPress Security 2018
byAdrian Mikeliunas
 
PDF
WordPress Security 101
byManifest Creative
 
PDF
WordPress Security - 12 WordPress Security Fundamentals
byfindingsimple
 
DOCX
The Ultimate Guide to Wordpress Security
byAidanChard
 
PPTX
How secure is WordPress ?
byEr. Narayan Koirala
 
PPT
Secure All The Things!
byDougal Campbell
 
PPTX
WordPress Security - WordPress Meetup Copenhagen 2013
byThor Kristiansen
 
PDF
WordPress Hardening: Strategies to Secure & Protect Your Website
byReliqusConsulting
 
PDF
Types of Security Threats WordPress Websites Face: Part-1
byWPWhiteBoard
 
PPTX
WordPress Security Best Practices
byZero Point Development
 
PPTX
Dan Catalin Vasile - Hacking the Wordpress Ecosystem
byDan Vasile
 
Emergency WordPress Troubleshooting
byTiffany Bridge
 
WordPress Security - What to do, What NOT to do
byWordPress Trivandrum
 
Understanding word press security wwc-4-7-17
byNicholas Batik
 
Higher Order WordPress Security
byDougal Campbell
 
WordPress Security
byBrad Williams
 
WordPress Security
byNathan Platt
 
WordPress Security Best Practices 2019 Update
byZero Point Development
 
ResellerClub Ctrl+F5 - WordPress Security session
byPratik Jagdishwala
 
Word press security checklist
bySanjay Dabhoya
 
WordPress Security 2018
byAdrian Mikeliunas
 
WordPress Security 101
byManifest Creative
 
WordPress Security - 12 WordPress Security Fundamentals
byfindingsimple
 
The Ultimate Guide to Wordpress Security
byAidanChard
 
How secure is WordPress ?
byEr. Narayan Koirala
 
Secure All The Things!
byDougal Campbell
 
WordPress Security - WordPress Meetup Copenhagen 2013
byThor Kristiansen
 
WordPress Hardening: Strategies to Secure & Protect Your Website
byReliqusConsulting
 
Types of Security Threats WordPress Websites Face: Part-1
byWPWhiteBoard
 
WordPress Security Best Practices
byZero Point Development
 
Dan Catalin Vasile - Hacking the Wordpress Ecosystem
byDan Vasile
 

Recently uploaded

PDF
7 Essential Types of Penetration Testing Services Every Business Should Under...
bypandeydevika621
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PDF
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
PDF
AI and Zero Trust: What it takes to do it right
byMark Simos
 
PDF
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
PDF
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
PDF
Transcript: What Thema can do: Leveraging metadata to support the discoverabi...
byBookNet Canada
 
PDF
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
PPTX
Cyber security chapter 1 for learning and educating to the students who want ...
byGulMohammadi
 
PDF
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
PDF
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
PDF
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
PDF
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
PDF
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
PDF
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
PDF
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
PDF
Designing a Blog Using Wordpress
bymarkzubi50
 
PPTX
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
PPTX
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
 
PDF
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 
7 Essential Types of Penetration Testing Services Every Business Should Under...
bypandeydevika621
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
AI and Zero Trust: What it takes to do it right
byMark Simos
 
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
Transcript: What Thema can do: Leveraging metadata to support the discoverabi...
byBookNet Canada
 
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
Cyber security chapter 1 for learning and educating to the students who want ...
byGulMohammadi
 
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
Designing a Blog Using Wordpress
bymarkzubi50
 
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
 
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 

Why WordPress Works

  • 1.
    Hi, I’m BekeeGibson! 🙋 Director of CMS at Earthling Interactive • Developer, Team Lead, Project Manager for 6y • Madison WordPress Meetup Organizer for 3y • Technerd from wayback Some things I enjoy away from the computer: 🥘 Fooding 🧶 Knitting, a lot ☢ Fallout 4
  • 2.
    What is WordPress? WordPressis a Content Management System. It is much more than a blogging platform. It’s Open Source, easy to use, and can be customized to fit your needs, the needs of your staff, and, most importantly, your customers.
  • 3.
    Why is WordPressa target? 🎯 All websites on the internet are vulnerable to hacking attempts, so why does WordPress get a bad rap? WordPress runs 64% of all CMS sites, or 38% of all websites on the Internet. Those odds are pretty good if your goal is to harvest passwords.
  • 4.
    Why WordPress Fails No,you’re not at the wrong presentation. 🤓 🤓🤓 🤓🤓🤓 🤓🤓🤓🤓
  • 5.
    Why WordPress Fails ●Insecure Hosting ● Weak Passwords ● Users and admin access ● Default setup and configuration ● Core out of date ● Plugins & Themes ○ Out of date ○ Out of development ○ Out of service These all have a common element: A Human Choice
  • 6.
    WordPress works whenyou work with it Fundamentally, security is not about perfectly secure systems. Such a thing might well be impractical, or impossible to find and/or maintain. What security is though is risk reduction, not risk elimination. It’s about employing all the appropriate controls available to you, within reason, that allow you to improve your overall posture reducing the odds of making yourself a target, subsequently getting hacked. – WordPress Security Codex
  • 7.
    Why WordPress Works Decideabout hosting ● 🤓 Shared ● 🤓🤓 Virtual Private Server (VPS) ● 🤓🤓🤓🤓 Dedicated (On Prem) ● 🤓🤓 Managed
  • 8.
    Enforce a passwordpolicy Why WordPress Works
  • 9.
    Enforce Two-factor Authorization(2FA) Why WordPress Works
  • 10.
    Why WordPress Works Usersand admin access ● 🤓 Make sure ‘admin’ is not a username ● 🤓 Create second admin user, remove the first ● 🤓 Audit users and their roles SELECT * FROM wp_users WHERE ID=1
  • 11.
    Why WordPress Works Setupand configuration ● 🤓 Change database table prefix ● 🤓🤓🤓 Obfuscate, hide, or chmod wp-config.php ○ CHMOD 440 wp-config.php ● 🤓🤓 Disable file editing from the Dashboard ○ define('DISALLOW_FILE_EDIT', true); ● 🤓 Serve your site over HTTPS ● 🤓🤓🤓🤓 Use a code repository
  • 12.
    Why WordPress Works KeepCore updated ● 🤓 Automatic Background Updates ● Update and test ○ 🤓🤓🤓 Local ○ 🤓🤓 Staging
  • 13.
    Why WordPress Works Knowyour Plugins & Themes ● Keep them updated ● Check on the status ● Get from trusted sources
  • 14.
    Why WordPress Works “I’mjust a small business with a website, I’m not a target for hackers!” 🏢 vs 🏬 This all sounds like a lot, but you don’t have to do it alone. 🤝
  • 15.
    Why WordPress Works Etvoilà! Questions?