SlideShare a Scribd company logo
WordPress
Security 101
A guide by Laura Hartwig
Laura Hartwig
I’ve been a WordPress Developer since 2011 and
find it important to keep my clients sites secure.
It’s much easier to prevent your site from getting
hacked rather than try to recover your site after
it’s been hacked.
Am I a Target?
YES
Why?
➔ WordPress
Powers nearly 30% off all websites.
This is good and bad.
➔ Server Space
Hackers want to store files on your
server and connect it into a botnet.
➔ Because they can
Many hackers like to hack sites just to
see if they can. It’s a thrill similar to
hunting or leveling up on a computer
game.
First Law of
Website Security
➔ Nothing is unhackable
Chart credit: WordFence
Chart credit: WordFence
Level of Security
➔ Your level of security will
depend on resources vs. value
The reality is that you are not going to
spend a lot of time and money on a
website that you don’t value. Adding
security measures is a pain, like locking
your doors, so you will need to decide
what level of protection is worth it.
What can
you do?
1. Choose a
Good Host
➔ Latest PHP Version
➔ Use HTTPS
➔ SFTP (Not FTP)
➔ Private Server
At least don’t host multiple sites on
your server
➔ Use a CDN
Like Cloudflare (free)
2. Keep Your Site
Updated
➔ Update Core, Plugins & Themes
Be wary of themes plugins that haven’t
been tested. (Esp Free)
➔ Remove unused themes &
plugins
➔ Use services like ManageWP if
you have a lot of sites.
But be wary of updates breaking your
site.
➔ Don’t leave old files on your site
Esp not old sites
3. Use Strong
Usernames &
Passwords
➔ Don’t use “admin”
➔ At least 14 characters
➔ !@#$%^
➔ That means everyone!
4. Remove
Unwanted Users
➔ Everyone should not be Admin
➔ What is the default user role?
➔ People who no longer work for
you
➔ Use Adminimize to control
access
➔ Use unique usernames
Remember that nicknames can
be different.
5. Use Security
Plugins
➔ Change Login URL
Don’t use /wp-admin
➔ Limit Login Attempts
And notes about if it’s wrong username
or password.
➔ Two Factor Authentication
It’s a pain, but it works
➔ Captcha
Prevents brute force attacks
6. Backups
➔ Hosting Backups
Good hosts will do them automatically
➔ Backup Plugin
Updraft or Backup Buddy
➔ Schedule Backups
Backups are no good if not done. How
often you need to backup depends on
how often you update your site.
➔ Send them somewhere
Download to your computer or file
hosting service.
7. Get Notified
➔ Google Console
Will let you know if your site has been
hacked. This is actually too late, but a
good idea if you rarely check into your
site. Once Google knows, your site will
be blacklisted. This will hurt your
visitors and your ranking.
➔ Use a Malware Scanner
Sucuri or WordFence
8. Your Own Security
➔ Strong password for your email
➔ Don’t email passwords
WordPress will automatically email
passwords or use a service like 1ty.me
➔ Don’t keep passwords on your
computer or in your browser
Except LastPass
➔ Use Virus protection on your
computer and update your
browsers
➔ Turn off your computer at night
9. If You Get
Hacked
➔ Use your backup
But make sure it has not been
compromised.
➔ Sucuri.net
Fixing hacked sites is what they do and
they can get your site up fairly quickly,
but it will cost you.
➔ Read their blog if you are really
interested in security
Good luck!
I hope you will make some changes right
away to make your site more secure.
Presentation:
Slidshare.net/laura-hartwig
Contact me:
LauraHartwigDesign@gmail.com

More Related Content

What's hot

WordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupWordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User Meetup
Chris Burgess
 
Website Backup
Website Backup Website Backup
Website Backup
Matt Foley
 
Should you be using WordPress as your web platform?
Should you be using WordPress as your web platform?Should you be using WordPress as your web platform?
Should you be using WordPress as your web platform?
Nigel Harding
 
Care and feeding of your website
Care and feeding of your websiteCare and feeding of your website
Care and feeding of your website
Shawn DeWolfe
 
Why wordpress is not completely safe
Why wordpress is not completely safeWhy wordpress is not completely safe
Why wordpress is not completely safe
Brainwork Technologies
 
Word press security checklist
Word press security checklistWord press security checklist
Word press security checklist
Sanjay Dabhoya
 
Security 101
Security 101Security 101
Security 101
Red Gate Software
 
Word campktm speed-security
Word campktm speed-securityWord campktm speed-security
Word campktm speed-security
Digamber Pradhan
 
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
Otto Kekäläinen
 
Word camp pune 2013 security
Word camp pune 2013   securityWord camp pune 2013   security
Word camp pune 2013 security
Gaurav Singh
 
Optimizing your WordPress website
Optimizing your WordPress websiteOptimizing your WordPress website
Optimizing your WordPress website
mwfordesigns
 
WordPress Security Basics
WordPress Security BasicsWordPress Security Basics
WordPress Security Basics
Ryan Plas
 
Wordpress tutorial
Wordpress tutorialWordpress tutorial
Wordpress tutorial
Marita Santander
 
Drupal Security for Coders and Themers - XSS and CSRF
Drupal Security for Coders and Themers - XSS and CSRF Drupal Security for Coders and Themers - XSS and CSRF
Drupal Security for Coders and Themers - XSS and CSRF
knaddison
 
Basic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website StartedBasic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website Started
Nile Flores
 
Hari 4 6 sep 12
Hari 4 6 sep 12Hari 4 6 sep 12
Hari 4 6 sep 12
matjenin2013
 
D3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the BrowserD3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the Browser
Imperva Incapsula
 
4.comment base hacking
4.comment base hacking4.comment base hacking
4.comment base hacking
Akhilesh Kant
 
Technical SEO for WordPress - 2017 edition
Technical SEO for WordPress - 2017 editionTechnical SEO for WordPress - 2017 edition
Technical SEO for WordPress - 2017 edition
Otto Kekäläinen
 
Building Secure WordPress Sites
Building Secure WordPress Sites Building Secure WordPress Sites
Building Secure WordPress Sites
Catch Themes
 

What's hot (20)

WordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupWordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User Meetup
 
Website Backup
Website Backup Website Backup
Website Backup
 
Should you be using WordPress as your web platform?
Should you be using WordPress as your web platform?Should you be using WordPress as your web platform?
Should you be using WordPress as your web platform?
 
Care and feeding of your website
Care and feeding of your websiteCare and feeding of your website
Care and feeding of your website
 
Why wordpress is not completely safe
Why wordpress is not completely safeWhy wordpress is not completely safe
Why wordpress is not completely safe
 
Word press security checklist
Word press security checklistWord press security checklist
Word press security checklist
 
Security 101
Security 101Security 101
Security 101
 
Word campktm speed-security
Word campktm speed-securityWord campktm speed-security
Word campktm speed-security
 
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
 
Word camp pune 2013 security
Word camp pune 2013   securityWord camp pune 2013   security
Word camp pune 2013 security
 
Optimizing your WordPress website
Optimizing your WordPress websiteOptimizing your WordPress website
Optimizing your WordPress website
 
WordPress Security Basics
WordPress Security BasicsWordPress Security Basics
WordPress Security Basics
 
Wordpress tutorial
Wordpress tutorialWordpress tutorial
Wordpress tutorial
 
Drupal Security for Coders and Themers - XSS and CSRF
Drupal Security for Coders and Themers - XSS and CSRF Drupal Security for Coders and Themers - XSS and CSRF
Drupal Security for Coders and Themers - XSS and CSRF
 
Basic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website StartedBasic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website Started
 
Hari 4 6 sep 12
Hari 4 6 sep 12Hari 4 6 sep 12
Hari 4 6 sep 12
 
D3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the BrowserD3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the Browser
 
4.comment base hacking
4.comment base hacking4.comment base hacking
4.comment base hacking
 
Technical SEO for WordPress - 2017 edition
Technical SEO for WordPress - 2017 editionTechnical SEO for WordPress - 2017 edition
Technical SEO for WordPress - 2017 edition
 
Building Secure WordPress Sites
Building Secure WordPress Sites Building Secure WordPress Sites
Building Secure WordPress Sites
 

Similar to Word press security 101 2018

Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress Security
Nile Flores
 
Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress Security
Nile Flores
 
How To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressHow To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your Wordpress
Chelsea O'Brien
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
StuartJDavidson.com
 
WordPress Security Guide
WordPress Security GuideWordPress Security Guide
WordPress Security Guide
Trainings Webversity
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
Dre Armeda
 
Improve WordPress Security How To
Improve WordPress Security How ToImprove WordPress Security How To
Improve WordPress Security How To
Vivekanand Arumanda
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home Ownership
Denise (Dee) Teal
 
Tips to improve word press security ppt
Tips to improve word press security pptTips to improve word press security ppt
Tips to improve word press security ppt
Cheap SSL Coupon Code
 
Why WordPress Works
Why WordPress WorksWhy WordPress Works
Why WordPress Works
bekee
 
Avoiding Errors: Troubleshoot Wordpress like a Pro!
Avoiding Errors: Troubleshoot Wordpress like a Pro!Avoiding Errors: Troubleshoot Wordpress like a Pro!
Avoiding Errors: Troubleshoot Wordpress like a Pro!
J_Cortes
 
Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17
Nicholas Batik
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
SiteGround.com
 
WordPress Website Down.pdf
WordPress Website Down.pdfWordPress Website Down.pdf
WordPress Website Down.pdf
Host It Smart
 
Professional WordPress Security: Beyond Security Plugins
Professional WordPress Security: Beyond Security PluginsProfessional WordPress Security: Beyond Security Plugins
Professional WordPress Security: Beyond Security Plugins
Chris Burgess
 
A Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdfA Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdf
Host It Smart
 
Secure wordpress
Secure wordpressSecure wordpress
Secure wordpress
Prabesh Thapa
 
WordPress Resources Nov 2014
WordPress Resources Nov 2014WordPress Resources Nov 2014
WordPress Resources Nov 2014
Judy Wilson
 
Seravo.com: WordPress Security 101
Seravo.com: WordPress Security 101Seravo.com: WordPress Security 101
Seravo.com: WordPress Security 101
Seravo
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and Security
Think Media Inc.
 

Similar to Word press security 101 2018 (20)

Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress Security
 
Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress Security
 
How To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressHow To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your Wordpress
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
 
WordPress Security Guide
WordPress Security GuideWordPress Security Guide
WordPress Security Guide
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
 
Improve WordPress Security How To
Improve WordPress Security How ToImprove WordPress Security How To
Improve WordPress Security How To
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home Ownership
 
Tips to improve word press security ppt
Tips to improve word press security pptTips to improve word press security ppt
Tips to improve word press security ppt
 
Why WordPress Works
Why WordPress WorksWhy WordPress Works
Why WordPress Works
 
Avoiding Errors: Troubleshoot Wordpress like a Pro!
Avoiding Errors: Troubleshoot Wordpress like a Pro!Avoiding Errors: Troubleshoot Wordpress like a Pro!
Avoiding Errors: Troubleshoot Wordpress like a Pro!
 
Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17Understanding word press security wwc-4-7-17
Understanding word press security wwc-4-7-17
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
 
WordPress Website Down.pdf
WordPress Website Down.pdfWordPress Website Down.pdf
WordPress Website Down.pdf
 
Professional WordPress Security: Beyond Security Plugins
Professional WordPress Security: Beyond Security PluginsProfessional WordPress Security: Beyond Security Plugins
Professional WordPress Security: Beyond Security Plugins
 
A Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdfA Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdf
 
Secure wordpress
Secure wordpressSecure wordpress
Secure wordpress
 
WordPress Resources Nov 2014
WordPress Resources Nov 2014WordPress Resources Nov 2014
WordPress Resources Nov 2014
 
Seravo.com: WordPress Security 101
Seravo.com: WordPress Security 101Seravo.com: WordPress Security 101
Seravo.com: WordPress Security 101
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and Security
 

More from Laura Hartwig

WordPress 101
WordPress 101 WordPress 101
WordPress 101
Laura Hartwig
 
Website content
Website contentWebsite content
Website content
Laura Hartwig
 
Websites 101
Websites 101Websites 101
Websites 101
Laura Hartwig
 
How to Start a WordPress Meetup in Your Town
How to Start a WordPress Meetup in Your TownHow to Start a WordPress Meetup in Your Town
How to Start a WordPress Meetup in Your Town
Laura Hartwig
 
Woocommerce 101
Woocommerce 101Woocommerce 101
Woocommerce 101
Laura Hartwig
 
Favorite WordPress Plugins 2016
Favorite WordPress Plugins 2016Favorite WordPress Plugins 2016
Favorite WordPress Plugins 2016
Laura Hartwig
 
Customizing Your WordPress Theme Using Firebug and Basic CSS
Customizing Your WordPress Theme Using Firebug and Basic CSSCustomizing Your WordPress Theme Using Firebug and Basic CSS
Customizing Your WordPress Theme Using Firebug and Basic CSS
Laura Hartwig
 
Customizing WordPress Themes
Customizing WordPress ThemesCustomizing WordPress Themes
Customizing WordPress Themes
Laura Hartwig
 

More from Laura Hartwig (8)

WordPress 101
WordPress 101 WordPress 101
WordPress 101
 
Website content
Website contentWebsite content
Website content
 
Websites 101
Websites 101Websites 101
Websites 101
 
How to Start a WordPress Meetup in Your Town
How to Start a WordPress Meetup in Your TownHow to Start a WordPress Meetup in Your Town
How to Start a WordPress Meetup in Your Town
 
Woocommerce 101
Woocommerce 101Woocommerce 101
Woocommerce 101
 
Favorite WordPress Plugins 2016
Favorite WordPress Plugins 2016Favorite WordPress Plugins 2016
Favorite WordPress Plugins 2016
 
Customizing Your WordPress Theme Using Firebug and Basic CSS
Customizing Your WordPress Theme Using Firebug and Basic CSSCustomizing Your WordPress Theme Using Firebug and Basic CSS
Customizing Your WordPress Theme Using Firebug and Basic CSS
 
Customizing WordPress Themes
Customizing WordPress ThemesCustomizing WordPress Themes
Customizing WordPress Themes
 

Recently uploaded

Azure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdfAzure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdf
AanSulistiyo
 
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
ukwwuq
 
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
bseovas
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
bseovas
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
Laura Szabó
 
Design Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptxDesign Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptx
saathvikreddy2003
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
wolfsoftcompanyco
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
vmemo1
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
davidjhones387
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
cuobya
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
uehowe
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
Trish Parr
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
uehowe
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
uehowe
 
7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
Danica Gill
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
zoowe
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
cuobya
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 

Recently uploaded (20)

Azure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdfAzure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdf
 
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
制作原版1:1(Monash毕业证)莫纳什大学毕业证成绩单办理假
 
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
 
Design Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptxDesign Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptx
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
 
7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 

Word press security 101 2018

  • 2. Laura Hartwig I’ve been a WordPress Developer since 2011 and find it important to keep my clients sites secure. It’s much easier to prevent your site from getting hacked rather than try to recover your site after it’s been hacked.
  • 3. Am I a Target?
  • 4. YES
  • 5. Why? ➔ WordPress Powers nearly 30% off all websites. This is good and bad. ➔ Server Space Hackers want to store files on your server and connect it into a botnet. ➔ Because they can Many hackers like to hack sites just to see if they can. It’s a thrill similar to hunting or leveling up on a computer game.
  • 6. First Law of Website Security ➔ Nothing is unhackable
  • 9. Level of Security ➔ Your level of security will depend on resources vs. value The reality is that you are not going to spend a lot of time and money on a website that you don’t value. Adding security measures is a pain, like locking your doors, so you will need to decide what level of protection is worth it.
  • 11. 1. Choose a Good Host ➔ Latest PHP Version ➔ Use HTTPS ➔ SFTP (Not FTP) ➔ Private Server At least don’t host multiple sites on your server ➔ Use a CDN Like Cloudflare (free)
  • 12. 2. Keep Your Site Updated ➔ Update Core, Plugins & Themes Be wary of themes plugins that haven’t been tested. (Esp Free) ➔ Remove unused themes & plugins ➔ Use services like ManageWP if you have a lot of sites. But be wary of updates breaking your site. ➔ Don’t leave old files on your site Esp not old sites
  • 13.
  • 14. 3. Use Strong Usernames & Passwords ➔ Don’t use “admin” ➔ At least 14 characters ➔ !@#$%^ ➔ That means everyone!
  • 15. 4. Remove Unwanted Users ➔ Everyone should not be Admin ➔ What is the default user role? ➔ People who no longer work for you ➔ Use Adminimize to control access ➔ Use unique usernames Remember that nicknames can be different.
  • 16. 5. Use Security Plugins ➔ Change Login URL Don’t use /wp-admin ➔ Limit Login Attempts And notes about if it’s wrong username or password. ➔ Two Factor Authentication It’s a pain, but it works ➔ Captcha Prevents brute force attacks
  • 17.
  • 18.
  • 19. 6. Backups ➔ Hosting Backups Good hosts will do them automatically ➔ Backup Plugin Updraft or Backup Buddy ➔ Schedule Backups Backups are no good if not done. How often you need to backup depends on how often you update your site. ➔ Send them somewhere Download to your computer or file hosting service.
  • 20. 7. Get Notified ➔ Google Console Will let you know if your site has been hacked. This is actually too late, but a good idea if you rarely check into your site. Once Google knows, your site will be blacklisted. This will hurt your visitors and your ranking. ➔ Use a Malware Scanner Sucuri or WordFence
  • 21. 8. Your Own Security ➔ Strong password for your email ➔ Don’t email passwords WordPress will automatically email passwords or use a service like 1ty.me ➔ Don’t keep passwords on your computer or in your browser Except LastPass ➔ Use Virus protection on your computer and update your browsers ➔ Turn off your computer at night
  • 22. 9. If You Get Hacked ➔ Use your backup But make sure it has not been compromised. ➔ Sucuri.net Fixing hacked sites is what they do and they can get your site up fairly quickly, but it will cost you. ➔ Read their blog if you are really interested in security
  • 23. Good luck! I hope you will make some changes right away to make your site more secure. Presentation: Slidshare.net/laura-hartwig Contact me: LauraHartwigDesign@gmail.com