WordPress 101
Introduction to WordPress
➢ Released in 2003 by Matt Mullenweg and Mike Little
➢ Powers more than 70 million websites
➢ Most popular blogging platform, but also...
➢ Powerful Content Management System (CMS)
➢ Completely FREE
➢ Open Source Project
➢ Constantly evolving and improving
➢ Thousands of plugins, widgets, and themes.
Reasons You Should Use It
➢ Open Source
○ Completely free for commercial or private use.
○ Hundreds of volunteers contributing to core.
○ Constantly evolving and improving.
➢ User-Friendly
○ No need for expensive "webmasters".
○ Easily manage and update your own content.
○ No need to learn complicated HTML.
➢ Flexible & Extensible
○ Thousands of plugins and themes available.
○ Easily change the look of your website.
○ Add new features in just a few clicks.
Reasons You Should Use It
(cont’d)
➢ Support Options (wordpress.org/support, wordpress.stackexchange.com, www.wpquestions.com)
○ Online video tutorials.
○ Easy to find help from WordPress experts.
○ Get answers to your questions online...
➢ SEO Friendly
○ Fully compliant with W3C standards.
○ Built in support for RSS.
○ Clean, search-engine friendly code.
➢ Own your Content
○ Easily import and export your content
Requirements and Installation
To run WordPress we recommend your host supports:
➢ PHP Version 5.6 or greater
➢ MySQL version 5.6 or greater
The host can be a LAMP, WAMP or MAMP stack.
Follow these 5 steps to install WordPress:
➢ Download WordPress from wordpress.org.
➢ Upload the WordPress files to the web server.
➢ Create a MySQL database and user.
➢ Configure WordPress to connect to the database.
➢ Run the WordPress installation script.
Installation Process
WordPress Themes
What are WordPress Themes?
➢ A WordPress Theme is a collection of files that work together to produce a graphical
interface design for a weblog.
➢ These files are called template files.
➢ Themes can provide much more control over the look and presentation of the material on
your website.
➢ WordPress currently comes with three themes (version 4.4.2):
○ The default Twenty Sixteen theme,
○ The previous default Twenty Fifteen theme, and
○ The Twenty Fourteen theme
Is WordPress MVC?
WordPress as MVC
➢ Model
○ Custom post types (beyond pages and posts, you can create your own types of objects)
➢ View
○ WordPress themes
○ HTML5
○ iOS app
○ Android app
➢ Controllers (are made of)
○ functions.php
○ Hooks
➢ Views talk to the Controllers via AJAX / WP REST APIs
○ GenerateWP (to create custom post types; helps you extend WordPress functionality)
○ Post Type Generator (a tool: just write the name of the post type with all the properties it should have)
https://wordpress.org/plugins/wp-mvc/
Theme Development
Theme Development
➢ What makes a WordPress theme?
○ HTML, CSS, PHP, JS, assets
○ Genesis framework
○ Stargazer
○ Clean Box Pro
➢ How does a WP theme work?
○ At least index.php and style.css
○ Usually also header.php, sidebar.php, functions.php, footer.php
➢ Approaches
○ Starting from scratch
○ Editing an existing theme (e.g. Twenty Eleven to Catch Box)
○ Parent and child
○ Theme framework
○ Starter theme
Theme Development
➢ Starting from scratch:
○ Time-consuming and difficult approach
○ Preferred by freelancers and web agencies
○ Not recommended for theme shops
○ Why reinvent the wheel?
○ e.g. Simple Catch Pro, Bossip (Transients API, 109 million page views/month)
➢ Editing an existing theme (e.g. Twenty Eleven to Catch Box)
○ Preferred by freelancers and newbies
○ Fast turnaround and fast editing
○ Learn standard code
○ Only need time to search for the best theme
○ Update available? Your edits are gone once you update
○ Be careful while editing an existing theme
■ Change the text domain in style.css
■ Rename the folder / theme slug to match the text domain
Theme Development
➢ Parent and Child
○ Similar to editing an existing theme, but safer
○ Take any child-theme-ready theme
○ Child functions and files will override the parent's
○ e.g. Edin, Goran
○ Use when your design/functions are similar to the parent's
○ Secure and fast development
○ Always select the best parent
➢ Theme framework
○ Similar to parent and child theme
○ It's more advanced and difficult to learn
○ It's a code library and a "can-do attitude" theme
○ e.g. Genesis framework, Hybrid theme
○ Preferred by experienced devs and a few theme shops
○ Might have issues if the framework theme releases major changes
Theme Development
➢ Starter theme
○ Independent theme and not a parent theme
○ Toolbox for theme development
○ Saves time: "A 1000 hour head start"
○ For everyone
○ Used and recommended by a lot of theme shops
○ Starter themes are evolving and it’s difficult to track
○ e.g. Bones, Underscores
➢ Components
○ It’s a booster starter theme
○ Forked from Underscores (developed by Underscores)
Risks? Security!
OWASP TOP 10 Protection
➢ A1 Injection
○ Injection flaws, such as SQL, OS, and LDAP injection occur when untrusted data is sent to an interpreter
as part of a command or query. The attacker’s hostile data can trick the interpreter into executing
unintended commands or accessing data without proper authorization.
➢ A2 Broken Authentication & Session Management
○ Application functions for authentication and session management are often not implemented correctly.
○ This allows attackers to compromise passwords, keys, or session tokens, or to exploit other
implementation flaws to assume other users’ identities.
➢ A3 Cross Site Scripting (XSS)
○ Application takes untrusted data and sends it to a browser without proper validation or escaping.
○ Allows attackers to execute scripts in the browser which can hijack user sessions, deface web sites, or
redirect the user to malicious sites.
➢ A4 Insecure Direct Object References
○ Occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or DB key.
○ Without an access control check or protection, attackers can manipulate these references to access
unauthorized data.
OWASP TOP 10 Protection
➢ A5 Security Misconfiguration
○ Requires having a secure configuration defined and deployed for the application, frameworks,
application server, web server, database server, and platform.
○ Secure settings should be defined, implemented, and maintained, as defaults are often insecure.
○ Software should be kept up to date.
➢ A6 Sensitive Data Exposure
○ Many web applications do not properly protect sensitive data, such as credit cards, tax IDs, and authentication credentials.
○ Attackers may steal or modify such weakly protected data to conduct credit card fraud, identity theft,
or other crimes. Sensitive data deserves extra protection such as encryption at rest or in transit, as well
as special precautions when exchanged with the browser.
➢ A7 Missing Function Level Access Control
○ Most web applications verify function level access rights before making that functionality visible in UI.
○ However, applications need to perform the same access control checks on the server when each
function is accessed.
○ If requests are not verified, attackers will be able to forge requests in order to access functionality
without proper authorization.
OWASP TOP 10 Protection
➢ A8 Cross Site Request Forgery (CSRF)
○ Forces a logged-on victim’s browser to send a forged HTTP request, including the victim’s session
cookie and any other automatically included authentication information, to a vulnerable web
application.
○ Attacker forces browser to generate requests the vulnerable application thinks are legitimate requests
from the victim.
➢ A9 Using Known Vulnerable Components
○ Components, such as libraries, frameworks, and other software modules, almost always run with full
privileges. If a vulnerable component is exploited, such an attack can facilitate serious data loss or
server takeover. Applications using components with known vulnerabilities may undermine application
defenses and enable a range of possible attacks and impacts.
➢ A10 Unvalidated Redirects and Forwards
○ Web applications frequently redirect and forward users to other pages and websites, and use untrusted
data to determine the destination pages. Without proper validation, attackers can redirect victims to
phishing or malware sites, or use forwards to access unauthorized pages.
➢ CERT: Computer Emergency Response Team with the Concern of the Mass
○ http://www.cert-in.org.in/
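How several of the items above (A1, A3, A4, A7, A8, A10) map onto WordPress core functions in a theme's functions.php, using the hooks and AJAX controllers from the MVC slide. This is an added example, not code from the slides; every mytheme_* name, the mytheme_notes table and the note_id / return_to / nonce request parameters are hypothetical.

```php
<?php
/**
 * Added example for a theme's functions.php (runs inside WordPress).
 * Hypothetical: all mytheme_* names, the {prefix}mytheme_notes table and the
 * note_id / title / return_to / nonce request parameters.
 */

// Hand the front-end script a nonce so its AJAX calls can be verified (A8).
add_action( 'wp_enqueue_scripts', 'mytheme_enqueue_notes_script' );
function mytheme_enqueue_notes_script() {
	wp_enqueue_script( 'mytheme-notes', get_template_directory_uri() . '/js/notes.js', array( 'jquery' ), '1.0', true );
	wp_localize_script( 'mytheme-notes', 'mythemeNotes', array(
		'ajaxUrl' => admin_url( 'admin-ajax.php' ),
		'nonce'   => wp_create_nonce( 'mytheme_get_note' ),
	) );
}

// Registered with wp_ajax_ only (no wp_ajax_nopriv_), so anonymous visitors cannot reach it.
add_action( 'wp_ajax_mytheme_get_note', 'mytheme_get_note' );
function mytheme_get_note() {
	global $wpdb;

	// A8 CSRF: terminates the request unless it carries a valid nonce for this action.
	check_ajax_referer( 'mytheme_get_note', 'nonce' );

	// A7: enforce the permission on the server, not only by hiding the button in the UI.
	if ( ! current_user_can( 'edit_posts' ) ) {
		wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
	}

	// Validate the input: absint() turns anything non-numeric into 0.
	$note_id = isset( $_POST['note_id'] ) ? absint( $_POST['note_id'] ) : 0;
	if ( 0 === $note_id ) {
		wp_send_json_error( array( 'message' => 'Bad note_id' ), 400 );
	}

	// A1: untrusted values go through placeholders, never string concatenation.
	// A4: the owner_id condition stops a user from reading another user's note by changing the id.
	$row = $wpdb->get_row(
		$wpdb->prepare(
			"SELECT id, title, body FROM {$wpdb->prefix}mytheme_notes WHERE id = %d AND owner_id = %d",
			$note_id,
			get_current_user_id()
		)
	);
	if ( null === $row ) {
		wp_send_json_error( array( 'message' => 'Not found' ), 404 );
	}

	// A3: assumes notes.js inserts these values as HTML, so encode/filter them here.
	wp_send_json_success( array(
		'title' => esc_html( $row->title ),
		'body'  => wp_kses_post( $row->body ),
	) );
}

// A3 in templates: escape for the context the value lands in (URL, attribute, text).
function mytheme_render_note_link( $note ) {
	printf(
		'<a href="%s" title="%s">%s</a>',
		esc_url( $note->url ),
		esc_attr( $note->title ),
		esc_html( $note->title )
	);
}

// Form handler reached through admin-post.php; same checks, then a validated redirect.
add_action( 'admin_post_mytheme_save_note', 'mytheme_save_note' );
function mytheme_save_note() {
	global $wpdb;

	check_admin_referer( 'mytheme_save_note' );           // A8: nonce from wp_nonce_field() in the form.
	if ( ! current_user_can( 'edit_posts' ) ) {            // A7
		wp_die( 'Forbidden', 'Forbidden', array( 'response' => 403 ) );
	}

	$note_id = isset( $_POST['note_id'] ) ? absint( $_POST['note_id'] ) : 0;
	$title   = isset( $_POST['title'] ) ? sanitize_text_field( wp_unslash( $_POST['title'] ) ) : '';

	// A1 + A4: $wpdb->update() builds a prepared statement; the WHERE clause is scoped to the owner.
	$wpdb->update(
		$wpdb->prefix . 'mytheme_notes',
		array( 'title' => $title ),
		array( 'id' => $note_id, 'owner_id' => get_current_user_id() ),
		array( '%s' ),
		array( '%d', '%d' )
	);

	// A10: only redirect to this site (or an allowed host); otherwise fall back to the home page.
	$target = isset( $_POST['return_to'] ) ? wp_unslash( $_POST['return_to'] ) : '';
	wp_safe_redirect( wp_validate_redirect( $target, home_url( '/' ) ) );
	exit;
}
```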
About Codal
Codal is a UX design and development agency with a focus on blending an Agile
process with the latest emerging technologies. Based in the heart of Chicago, we
have a knack for bringing out the best in every brand that we work with, worldwide.
Our clientele has ranged from small business to enterprise, but our philosophy has
always remained the same: to empower brand visibility and deliver the most elegant
web and mobile solutions possible.
Thank You!
