SlideShare a Scribd company logo
Nathan Driver

WordPress Security
Who Am I
Media – Marketing - Geek

@natedriver
linkedin.com/in/ndriver
nathandriver.com
WP Security: 3 Sections

Basic
Settings

PLUGINS

Advanced
Settings

…and everything in between
Basic Settings:
Noob

Starting with the basics
WP Security: Basic Settings
Stop using ADMIN
Do not make easy for hackers to
‘guess’ your username

Change the table prefix
It Is NOT that difficult
WP Security: Basic Settings
DON’T
MAKE
IT
EASY
WP Security: Basic Settings
WP Security: Basic Settings
•
•
•
•
•
•
•
•
•
•
•
•
•
•

A strong password:
has at least 15 characters;
has uppercase letters;
has lowercase letters;
has numbers;
has symbols, such as ` ! " ? $ ? % ^ & * ( ) _ - + = { [ } ] : ; @ ' ~ # |  < , > . ?
/
is not like your previous passwords;
is not your name;
is not your login;
is not your friend’s name;
is not your family member’s name;
is not a dictionary word;
is not a common name;
is not a keyboard pattern, such as qwerty, asdfghjkl, or 12345678.
WP Security: Basic Settings

UPDATE – UPDATE - UPDATE

You see it – do something about it!
Plugins: Help Yourself

They’re there to help make your life easier
WP Security: Plugins

BACKUP – BACKUP - BACKUP
VaultPress

http://vaultpress.com
WP Security: Plugins

Brute Force
Limit Login Attempts:
http://wordpress.org/extend/plugins/li
mit-login-attempts/
WP Security: Plugins

WP Security Scan:
1. Passwords
2. File Permissions
3. Database security
4. Version hiding
5. WordPress admin protection/security
6. Removes WP Generator META tag from
core code
WP Security: Plugins

Better WP Security
•
•
•
•
•
•
•
•
•
•
•
•

Remove the meta “Generator” tag
Change the urls for WordPress dashboard including login, admin,
and more
Completely turn off the ability to login for a given time period (away
mode)
Remove theme, plugin, and core update notifications from users
who do not have permission to update them
Remove Windows Live Write header information
Remove RSD header information
Rename “admin” account
Change the ID on the user with ID 1
Change the WordPress database table prefix
Change wp-content path
Removes login error messages
Display a random version number to non administrative users
anywhere version is used
Advanced: Watch Yourself

Behind the scenes
WP Security: Advanced Settings

phpMyAdmin -> Database -> …users
WP Security: Advanced Settings

Alternative steps:
•Create a new user
•Give them admin rights
•Log out
•Log in under new user
•Delete “admin” account
WP Security: Advanced Settings

Folder Permissions
• All directories should be 755 or 750.
• All files should be 644 or 640. Exception: wpconfig.php should be 600 to prevent other
users on the server from reading it.
• No directories should ever be given 777, even
upload directories. Since the php process is
running as the owner of the files, it gets the
owners permissions and can write to even a
755 directory.
WP Security: Advanced Settings
Get rid of WordPress version

This can be found
• Header.php {header meta}
• Readme.html file

Fix by placing either one in the functions of your theme
•remove_action(‘wp_head’,’wp_generator’);
•function remove_wp_version() {
return ‘’;
}
Get It or Lose It
Nathan Driver
Media – Marketing – Geek
@natedriver
www.nathandriver.com

WordPress Security:

More Related Content

Viewers also liked

WordPress SEO by Yoast - DaytonWP November 2013 MeetUp
WordPress SEO by Yoast - DaytonWP November 2013 MeetUpWordPress SEO by Yoast - DaytonWP November 2013 MeetUp
WordPress SEO by Yoast - DaytonWP November 2013 MeetUp
DaytonWP
 
Round Table: Content-Content-Content - DaytonWP February 2013 MeetUp
Round Table: Content-Content-Content - DaytonWP February 2013 MeetUpRound Table: Content-Content-Content - DaytonWP February 2013 MeetUp
Round Table: Content-Content-Content - DaytonWP February 2013 MeetUp
DaytonWP
 
What's New in 3.5 - DaytonWP December 2012 MeetUp
What's New in 3.5 - DaytonWP December 2012 MeetUpWhat's New in 3.5 - DaytonWP December 2012 MeetUp
What's New in 3.5 - DaytonWP December 2012 MeetUp
DaytonWP
 
WordPress Themes: underlying, unifying design for a blog
WordPress Themes: underlying, unifying design for a blog WordPress Themes: underlying, unifying design for a blog
WordPress Themes: underlying, unifying design for a blog
DaytonWP
 
Themes: What they Are - How To Use 'Em - DaytonWP November 2012 MeetUp
Themes: What they Are - How To Use 'Em - DaytonWP November 2012 MeetUpThemes: What they Are - How To Use 'Em - DaytonWP November 2012 MeetUp
Themes: What they Are - How To Use 'Em - DaytonWP November 2012 MeetUp
DaytonWP
 
Hire WordPress Developer at Flexible Rates
Hire WordPress Developer at Flexible RatesHire WordPress Developer at Flexible Rates
Hire WordPress Developer at Flexible Rates
HireWebDeveloper
 
Digital marketing Course in Punjab
Digital marketing Course in PunjabDigital marketing Course in Punjab
Digital marketing Course in Punjab
CIIM - Chandigarh Institute of Internet Marketing
 
Management Strategies for Successful WordPress Projects
Management Strategies for Successful WordPress ProjectsManagement Strategies for Successful WordPress Projects
Management Strategies for Successful WordPress Projects
Matthew Dorman
 
Personal Branding Sebastian Behar Piquero 2016
Personal Branding Sebastian Behar Piquero 2016Personal Branding Sebastian Behar Piquero 2016
Personal Branding Sebastian Behar Piquero 2016
Sebastian Behar Piquero
 
WebHosting Performance / WordPress - Pubcon Vegas - Hendison
WebHosting Performance / WordPress  - Pubcon Vegas - HendisonWebHosting Performance / WordPress  - Pubcon Vegas - Hendison
WebHosting Performance / WordPress - Pubcon Vegas - Hendison
Search Commander, Inc.
 
6 Useful Tips For WordPress Theme Development!
6 Useful Tips For WordPress Theme Development!6 Useful Tips For WordPress Theme Development!
6 Useful Tips For WordPress Theme Development!
TalentsFromIndia.com
 
Managing_WordPress_Projects_wcstl 2015_Lucas_Lima
Managing_WordPress_Projects_wcstl 2015_Lucas_LimaManaging_WordPress_Projects_wcstl 2015_Lucas_Lima
Managing_WordPress_Projects_wcstl 2015_Lucas_Lima
Lucas Lima
 
Ship WordPress Projects Like a Boss
Ship WordPress Projects Like a BossShip WordPress Projects Like a Boss
Ship WordPress Projects Like a Boss
SiteGround.com
 
Setting up Google Authorship and Google Publisher using an SEO Plugin
Setting up Google Authorship and Google Publisher using an SEO PluginSetting up Google Authorship and Google Publisher using an SEO Plugin
Setting up Google Authorship and Google Publisher using an SEO Plugin
Jessica Reilley
 
Google Adwords Training
Google Adwords TrainingGoogle Adwords Training
Google Adwords Training
Sebastian Behar Piquero
 
Google Adwords Crash Course
Google Adwords Crash CourseGoogle Adwords Crash Course
Google Adwords Crash Course
RTB-Media
 
(( Lucas lima )) Managing WordPress Projects - STL Meetup August 2015
(( Lucas lima )) Managing WordPress Projects - STL Meetup August 2015(( Lucas lima )) Managing WordPress Projects - STL Meetup August 2015
(( Lucas lima )) Managing WordPress Projects - STL Meetup August 2015
Lucas Lima
 
Speeding Up WordPress sites
Speeding Up WordPress sitesSpeeding Up WordPress sites
Speeding Up WordPress sites
Jason Yingling
 

Viewers also liked (18)

WordPress SEO by Yoast - DaytonWP November 2013 MeetUp
WordPress SEO by Yoast - DaytonWP November 2013 MeetUpWordPress SEO by Yoast - DaytonWP November 2013 MeetUp
WordPress SEO by Yoast - DaytonWP November 2013 MeetUp
 
Round Table: Content-Content-Content - DaytonWP February 2013 MeetUp
Round Table: Content-Content-Content - DaytonWP February 2013 MeetUpRound Table: Content-Content-Content - DaytonWP February 2013 MeetUp
Round Table: Content-Content-Content - DaytonWP February 2013 MeetUp
 
What's New in 3.5 - DaytonWP December 2012 MeetUp
What's New in 3.5 - DaytonWP December 2012 MeetUpWhat's New in 3.5 - DaytonWP December 2012 MeetUp
What's New in 3.5 - DaytonWP December 2012 MeetUp
 
WordPress Themes: underlying, unifying design for a blog
WordPress Themes: underlying, unifying design for a blog WordPress Themes: underlying, unifying design for a blog
WordPress Themes: underlying, unifying design for a blog
 
Themes: What they Are - How To Use 'Em - DaytonWP November 2012 MeetUp
Themes: What they Are - How To Use 'Em - DaytonWP November 2012 MeetUpThemes: What they Are - How To Use 'Em - DaytonWP November 2012 MeetUp
Themes: What they Are - How To Use 'Em - DaytonWP November 2012 MeetUp
 
Hire WordPress Developer at Flexible Rates
Hire WordPress Developer at Flexible RatesHire WordPress Developer at Flexible Rates
Hire WordPress Developer at Flexible Rates
 
Digital marketing Course in Punjab
Digital marketing Course in PunjabDigital marketing Course in Punjab
Digital marketing Course in Punjab
 
Management Strategies for Successful WordPress Projects
Management Strategies for Successful WordPress ProjectsManagement Strategies for Successful WordPress Projects
Management Strategies for Successful WordPress Projects
 
Personal Branding Sebastian Behar Piquero 2016
Personal Branding Sebastian Behar Piquero 2016Personal Branding Sebastian Behar Piquero 2016
Personal Branding Sebastian Behar Piquero 2016
 
WebHosting Performance / WordPress - Pubcon Vegas - Hendison
WebHosting Performance / WordPress  - Pubcon Vegas - HendisonWebHosting Performance / WordPress  - Pubcon Vegas - Hendison
WebHosting Performance / WordPress - Pubcon Vegas - Hendison
 
6 Useful Tips For WordPress Theme Development!
6 Useful Tips For WordPress Theme Development!6 Useful Tips For WordPress Theme Development!
6 Useful Tips For WordPress Theme Development!
 
Managing_WordPress_Projects_wcstl 2015_Lucas_Lima
Managing_WordPress_Projects_wcstl 2015_Lucas_LimaManaging_WordPress_Projects_wcstl 2015_Lucas_Lima
Managing_WordPress_Projects_wcstl 2015_Lucas_Lima
 
Ship WordPress Projects Like a Boss
Ship WordPress Projects Like a BossShip WordPress Projects Like a Boss
Ship WordPress Projects Like a Boss
 
Setting up Google Authorship and Google Publisher using an SEO Plugin
Setting up Google Authorship and Google Publisher using an SEO PluginSetting up Google Authorship and Google Publisher using an SEO Plugin
Setting up Google Authorship and Google Publisher using an SEO Plugin
 
Google Adwords Training
Google Adwords TrainingGoogle Adwords Training
Google Adwords Training
 
Google Adwords Crash Course
Google Adwords Crash CourseGoogle Adwords Crash Course
Google Adwords Crash Course
 
(( Lucas lima )) Managing WordPress Projects - STL Meetup August 2015
(( Lucas lima )) Managing WordPress Projects - STL Meetup August 2015(( Lucas lima )) Managing WordPress Projects - STL Meetup August 2015
(( Lucas lima )) Managing WordPress Projects - STL Meetup August 2015
 
Speeding Up WordPress sites
Speeding Up WordPress sitesSpeeding Up WordPress sites
Speeding Up WordPress sites
 

Similar to WordPress Security: Get it or Lose It - DaytonWP January 2013 MeetUp

WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013
Thor Kristiansen
 
WordPress Security - WordCamp NYC 2009
WordPress Security - WordCamp NYC 2009WordPress Security - WordCamp NYC 2009
WordPress Security - WordCamp NYC 2009
Brad Williams
 
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)Hardening WordPress - SAScon Manchester 2013 (WordPress Security)
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)
Bastian Grimm
 
WordPress Security
WordPress SecurityWordPress Security
WordPress Security
Brad Williams
 
Now That's What I Call WordPress Security 2010
Now That's What I Call WordPress Security 2010Now That's What I Call WordPress Security 2010
Now That's What I Call WordPress Security 2010
Brad Williams
 
WordPress Security - WordCamp Boston 2010
WordPress Security - WordCamp Boston 2010WordPress Security - WordCamp Boston 2010
WordPress Security - WordCamp Boston 2010
Brad Williams
 
Ithemes presentation
Ithemes presentationIthemes presentation
Ithemes presentation
Jason Yingling
 
WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009
Brad Williams
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
Dre Armeda
 
WordPress Security - Kulpreet Singh
WordPress Security - Kulpreet SinghWordPress Security - Kulpreet Singh
WordPress Security - Kulpreet Singh
guest4fe370
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
SiteGround.com
 
WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)
Michael Carnell
 
WordPress Security Guide
WordPress Security GuideWordPress Security Guide
WordPress Security Guide
Trainings Webversity
 
Top Ten WordPress Security Tips for 2012
Top Ten WordPress Security Tips for 2012Top Ten WordPress Security Tips for 2012
Top Ten WordPress Security Tips for 2012
Brad Williams
 
Intro to Wordpress Security
Intro to Wordpress SecurityIntro to Wordpress Security
Intro to Wordpress Security
Chris Dodds
 
WordPress Security
WordPress Security WordPress Security
WordPress Security
Christina Hawkins
 
Installing & Setting Up WordPress
Installing & Setting Up WordPressInstalling & Setting Up WordPress
Installing & Setting Up WordPress
Gravitational FX
 
Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress Security
Nile Flores
 
WordPress Security
WordPress SecurityWordPress Security
WordPress Security
Nathan Platt
 
Fortress SQL Server
Fortress SQL ServerFortress SQL Server
Fortress SQL Server
webhostingguy
 

Similar to WordPress Security: Get it or Lose It - DaytonWP January 2013 MeetUp (20)

WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013
 
WordPress Security - WordCamp NYC 2009
WordPress Security - WordCamp NYC 2009WordPress Security - WordCamp NYC 2009
WordPress Security - WordCamp NYC 2009
 
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)Hardening WordPress - SAScon Manchester 2013 (WordPress Security)
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)
 
WordPress Security
WordPress SecurityWordPress Security
WordPress Security
 
Now That's What I Call WordPress Security 2010
Now That's What I Call WordPress Security 2010Now That's What I Call WordPress Security 2010
Now That's What I Call WordPress Security 2010
 
WordPress Security - WordCamp Boston 2010
WordPress Security - WordCamp Boston 2010WordPress Security - WordCamp Boston 2010
WordPress Security - WordCamp Boston 2010
 
Ithemes presentation
Ithemes presentationIthemes presentation
Ithemes presentation
 
WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
 
WordPress Security - Kulpreet Singh
WordPress Security - Kulpreet SinghWordPress Security - Kulpreet Singh
WordPress Security - Kulpreet Singh
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
 
WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)
 
WordPress Security Guide
WordPress Security GuideWordPress Security Guide
WordPress Security Guide
 
Top Ten WordPress Security Tips for 2012
Top Ten WordPress Security Tips for 2012Top Ten WordPress Security Tips for 2012
Top Ten WordPress Security Tips for 2012
 
Intro to Wordpress Security
Intro to Wordpress SecurityIntro to Wordpress Security
Intro to Wordpress Security
 
WordPress Security
WordPress Security WordPress Security
WordPress Security
 
Installing & Setting Up WordPress
Installing & Setting Up WordPressInstalling & Setting Up WordPress
Installing & Setting Up WordPress
 
Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress Security
 
WordPress Security
WordPress SecurityWordPress Security
WordPress Security
 
Fortress SQL Server
Fortress SQL ServerFortress SQL Server
Fortress SQL Server
 

Recently uploaded

Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
SitimaJohn
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
jpupo2018
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 

Recently uploaded (20)

Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 

WordPress Security: Get it or Lose It - DaytonWP January 2013 MeetUp

  • 2. Who Am I Media – Marketing - Geek @natedriver linkedin.com/in/ndriver nathandriver.com
  • 3. WP Security: 3 Sections Basic Settings PLUGINS Advanced Settings …and everything in between
  • 5. WP Security: Basic Settings Stop using ADMIN Do not make easy for hackers to ‘guess’ your username Change the table prefix It Is NOT that difficult
  • 6. WP Security: Basic Settings DON’T MAKE IT EASY
  • 8. WP Security: Basic Settings • • • • • • • • • • • • • • A strong password: has at least 15 characters; has uppercase letters; has lowercase letters; has numbers; has symbols, such as ` ! " ? $ ? % ^ & * ( ) _ - + = { [ } ] : ; @ ' ~ # | < , > . ? / is not like your previous passwords; is not your name; is not your login; is not your friend’s name; is not your family member’s name; is not a dictionary word; is not a common name; is not a keyboard pattern, such as qwerty, asdfghjkl, or 12345678.
  • 9. WP Security: Basic Settings UPDATE – UPDATE - UPDATE You see it – do something about it!
  • 10. Plugins: Help Yourself They’re there to help make your life easier
  • 11. WP Security: Plugins BACKUP – BACKUP - BACKUP VaultPress http://vaultpress.com
  • 12. WP Security: Plugins Brute Force Limit Login Attempts: http://wordpress.org/extend/plugins/li mit-login-attempts/
  • 13. WP Security: Plugins WP Security Scan: 1. Passwords 2. File Permissions 3. Database security 4. Version hiding 5. WordPress admin protection/security 6. Removes WP Generator META tag from core code
  • 14. WP Security: Plugins Better WP Security • • • • • • • • • • • • Remove the meta “Generator” tag Change the urls for WordPress dashboard including login, admin, and more Completely turn off the ability to login for a given time period (away mode) Remove theme, plugin, and core update notifications from users who do not have permission to update them Remove Windows Live Write header information Remove RSD header information Rename “admin” account Change the ID on the user with ID 1 Change the WordPress database table prefix Change wp-content path Removes login error messages Display a random version number to non administrative users anywhere version is used
  • 16. WP Security: Advanced Settings phpMyAdmin -> Database -> …users
  • 17. WP Security: Advanced Settings Alternative steps: •Create a new user •Give them admin rights •Log out •Log in under new user •Delete “admin” account
  • 18. WP Security: Advanced Settings Folder Permissions • All directories should be 755 or 750. • All files should be 644 or 640. Exception: wpconfig.php should be 600 to prevent other users on the server from reading it. • No directories should ever be given 777, even upload directories. Since the php process is running as the owner of the files, it gets the owners permissions and can write to even a 755 directory.
  • 19. WP Security: Advanced Settings Get rid of WordPress version This can be found • Header.php {header meta} • Readme.html file Fix by placing either one in the functions of your theme •remove_action(‘wp_head’,’wp_generator’); •function remove_wp_version() { return ‘’; }
  • 20. Get It or Lose It Nathan Driver Media – Marketing – Geek @natedriver www.nathandriver.com WordPress Security: