SlideShare a Scribd company logo

WordPress Site Management - Keeping Your Creation Happy, Healthy and Secure

Download as PPTX, PDF
Meagan Hanes
Meagan Hanes

You’ve designed it, you’ve built it, you’ve launched your new website – job done, right? Nope – your adventure has only begun! In this session we’ll review what “website security” really means, why it matters, and how exactly to implement basic security best practices such as: – Controlling user access to your site, – Using (and managing) strong passwords, – Applying updates to Core and Plugins, – Installing and configuring security plugins, – & How to back up your site easily, effectively, and automatically! You’ll leave this session with the ABCs of Security – literally!

Technology
1 of 13
WP Site Management Keeping your Creation Happy, Healthy, and Secure Meagan Hanes @mhanes WordCamp Hamilton 2016
A Bit About Me Freelance designer & developer 15+ years 10+ years creating WP sites of all sizes & styles TheWPCrowd Member #training team make.wordpress.org/training Favourite colour: Rainbow! Say Hi to my Friend Roy: http://hiroy.club
What is Web Security?
What is Web Security? Protecting your website from malicious threats Bots, Hackers Ex-employees Competing Businesses Reducing vectors of attack Plugins and themes Weak passwords Unused user accounts Reducing the risk of an attack Backups & Security
Why does web security matter? $$$
Why does web security matter? Protect your investment Websites aren’t cheap or easy to build - why risk losing that investment? Reduce your stress levels, sleep well at night Web Security = insurance policy for your website Make your web employees happy As much as developers love money, they don’t like fixing hacked sites!
Access Who has access? How do they access the server? Where do they access it from? Backups How often are backups made? What’s involved in restoring a backup? Whose job is it? Check for Updates What kind of updates? How do I update my site with no risk of it breaking? ABCs of Website Security
Who has access to your site? What level of access do they need? How do they access your site? Current Users Modify their User Role based on what level of access they need1 Encourage server connections with SFTP or SSH vs FTP Old Users Delete from Users section of WordPress * Check Server-level Access As Well! * 1. https://codex.wordpress.org/Roles_and_Capabilities Access
Dolphin12 is not a password, it’s a Hotmail account. Not easily guessable - No birth years Never write it down - LastPass, KeyPass Never reuse a password Weird mind tricks work! Password Reset Links are your friends! Strong Passwords
When was your last website backup made? Where is that backup? How do you restore your site from a backup? Manually1 Copy WordPress file directory, export the database, store on a third party server Automagically2 Via a plugin: UpdraftPlus, BackupBuddy, WP-DB Backup, etc Via a centralized hub: ManageWP, InfiniteWP * Test your Backup Restore Routine Tomorrow! * 1. https://codex.wordpress.org/WordPress_Backups 2. http://www.wpbeginner.com/plugins/7-best-wordpress-backup-plugins-compared-pros-and-cons/ Backups
What version of WordPress are you using? What plugins do you have installed and activated on your site? What theme are you using? What themes do you have installed but not active? Core Updates Point updates are done automatically (4.5.1 to 4.5.2) -> security patches, etc Major updates are done manually (4.3 to 4.5) -> get on the most recent version for :) Plugins and Themes If you don’t need them, delete them! -> fewer attack vectors If they’re old, update them! -> missing features & compatibility with themes/plugins If they’ve been modified, get a developer to help! * Set Up A Staging Server for Maximum Win! * Check for Updates
Who’s tried logging in to your site, from where, and when? Does your site have any suspicious code? When were site files last modified? Security Plugins for WordPress iThemes Security WordFence Sucuri AllInOne WP Security Limit user login attempts (# of times), geolocation, time of access, IP address Detect if/when files are changed Two-factor authentication Forcing secure passwords .htaccess monitoring Blacklists, firewalls, etc … and more! * Peace of mind comes at a cost - budget accordingly! * BONUS: Security Plugins
Question Time! Meagan Hanes @mhanes WordCamp Hamilton 2016

Recommended

WordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupWordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User Meetup
Chris Burgess
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home Ownership
Denise (Dee) Teal
 
Word press in 30 minutes
Word press in 30 minutesWord press in 30 minutes
Word press in 30 minutes
Michelle Castillo
 
WordPress in 90 minutes
WordPress in 90 minutesWordPress in 90 minutes
WordPress in 90 minutes
Michelle Castillo
 
Word press sites maintenanace
Word press sites maintenanaceWord press sites maintenanace
Word press sites maintenanaceMichelle Castillo
 
Build a WordPress.com Website
Build a WordPress.com WebsiteBuild a WordPress.com Website
Build a WordPress.com Website
mwfordesigns
 
NJ Videographers Association - Build an amazing website - WordPress
NJ Videographers Association - Build an amazing website - WordPressNJ Videographers Association - Build an amazing website - WordPress
NJ Videographers Association - Build an amazing website - WordPress
Gabriela Levit
 
Introduction to Wordpress (Research Based)
Introduction to Wordpress (Research Based)Introduction to Wordpress (Research Based)
Introduction to Wordpress (Research Based)
Anjum Hashir
 

Recommended

WordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupWordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User Meetup
Chris Burgess
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home Ownership
Denise (Dee) Teal
 
Word press in 30 minutes
Word press in 30 minutesWord press in 30 minutes
Word press in 30 minutes
Michelle Castillo
 
WordPress in 90 minutes
WordPress in 90 minutesWordPress in 90 minutes
WordPress in 90 minutes
Michelle Castillo
 
Word press sites maintenanace
Word press sites maintenanaceWord press sites maintenanace
Word press sites maintenanaceMichelle Castillo
 
Build a WordPress.com Website
Build a WordPress.com WebsiteBuild a WordPress.com Website
Build a WordPress.com Website
mwfordesigns
 
NJ Videographers Association - Build an amazing website - WordPress
NJ Videographers Association - Build an amazing website - WordPressNJ Videographers Association - Build an amazing website - WordPress
NJ Videographers Association - Build an amazing website - WordPress
Gabriela Levit
 
Introduction to Wordpress (Research Based)
Introduction to Wordpress (Research Based)Introduction to Wordpress (Research Based)
Introduction to Wordpress (Research Based)
Anjum Hashir
 
How to Resolve Recurring WordPress Problems?
How to Resolve Recurring WordPress Problems?How to Resolve Recurring WordPress Problems?
How to Resolve Recurring WordPress Problems?
Rasin Bekkevold
 
Basic WordPress for Beginner ppt
Basic WordPress for Beginner pptBasic WordPress for Beginner ppt
Basic WordPress for Beginner ppt
Dipika Wadhvani
 
Refresh WordPress Beginner Workshop
Refresh WordPress Beginner WorkshopRefresh WordPress Beginner Workshop
Refresh WordPress Beginner Workshop
David Bisset
 
Basic WordPress Workshop Presentation
Basic WordPress Workshop PresentationBasic WordPress Workshop Presentation
Basic WordPress Workshop Presentation
Felix Albutra
 
Choosing WordPress Plugins (WordCamp Raleigh 2016)
Choosing WordPress Plugins (WordCamp Raleigh 2016)Choosing WordPress Plugins (WordCamp Raleigh 2016)
Choosing WordPress Plugins (WordCamp Raleigh 2016)
andisites
 
Setup and run wordpress: 201
Setup and run wordpress: 201Setup and run wordpress: 201
Setup and run wordpress: 201
wordpresswebmaster
 
How to install wordpress
How to install wordpress How to install wordpress
How to install wordpress
Deepanshu Kapoor
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPress
Craig Bailey
 
WordPress SEO Tips
WordPress SEO TipsWordPress SEO Tips
WordPress SEO Tips
Chris Burgess
 
Basic Wordpress Session
Basic Wordpress SessionBasic Wordpress Session
Basic Wordpress Session
Vipul Garg
 
WordPress what is Wordpress
WordPress what is WordpressWordPress what is Wordpress
WordPress what is Wordpress
Shahid Husain
 
Wordpress essential training - Wordpress Presentation PPT
Wordpress essential training - Wordpress Presentation PPTWordpress essential training - Wordpress Presentation PPT
Wordpress essential training - Wordpress Presentation PPT
Abdulla2410
 
It’s a WIN, WIN: ‘WordPress On Windows’
It’s a WIN, WIN: ‘WordPress On Windows’It’s a WIN, WIN: ‘WordPress On Windows’
It’s a WIN, WIN: ‘WordPress On Windows’
Brendan Sera-Shriar
 
Sucuri Webinar: Beginner's Guide to CDNs
Sucuri Webinar: Beginner's Guide to CDNsSucuri Webinar: Beginner's Guide to CDNs
Sucuri Webinar: Beginner's Guide to CDNs
Sucuri
 
Introduction to Wordpress
Introduction to WordpressIntroduction to Wordpress
Introduction to Wordpress
Reuben Rock
 
The Basics of WordPress
The Basics of WordPressThe Basics of WordPress
The Basics of WordPress
Thom Allen
 
Installing WordPress The Right Way
Installing WordPress The Right WayInstalling WordPress The Right Way
Installing WordPress The Right Way
Chris Burgess
 
Emergency WordPress Troubleshooting
Emergency WordPress TroubleshootingEmergency WordPress Troubleshooting
Emergency WordPress Troubleshooting
Tiffany Bridge
 
WordPress Basics
WordPress BasicsWordPress Basics
WordPress Basics
Kyrie Tompkins
 
Prabhanjan Panigrahi
Prabhanjan PanigrahiPrabhanjan Panigrahi
Prabhanjan PanigrahiAnirban Saha
 
Securing your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP MeetupSecuring your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP Meetup
Oyster Bay Marauders LLC
 
WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012
Angela Bowman
 

More Related Content

What's hot

How to Resolve Recurring WordPress Problems?
How to Resolve Recurring WordPress Problems?How to Resolve Recurring WordPress Problems?
How to Resolve Recurring WordPress Problems?
Rasin Bekkevold
 
Basic WordPress for Beginner ppt
Basic WordPress for Beginner pptBasic WordPress for Beginner ppt
Basic WordPress for Beginner ppt
Dipika Wadhvani
 
Refresh WordPress Beginner Workshop
Refresh WordPress Beginner WorkshopRefresh WordPress Beginner Workshop
Refresh WordPress Beginner Workshop
David Bisset
 
Basic WordPress Workshop Presentation
Basic WordPress Workshop PresentationBasic WordPress Workshop Presentation
Basic WordPress Workshop Presentation
Felix Albutra
 
Choosing WordPress Plugins (WordCamp Raleigh 2016)
Choosing WordPress Plugins (WordCamp Raleigh 2016)Choosing WordPress Plugins (WordCamp Raleigh 2016)
Choosing WordPress Plugins (WordCamp Raleigh 2016)
andisites
 
Setup and run wordpress: 201
Setup and run wordpress: 201Setup and run wordpress: 201
Setup and run wordpress: 201
wordpresswebmaster
 
How to install wordpress
How to install wordpress How to install wordpress
How to install wordpress
Deepanshu Kapoor
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPress
Craig Bailey
 
WordPress SEO Tips
WordPress SEO TipsWordPress SEO Tips
WordPress SEO Tips
Chris Burgess
 
Basic Wordpress Session
Basic Wordpress SessionBasic Wordpress Session
Basic Wordpress Session
Vipul Garg
 
WordPress what is Wordpress
WordPress what is WordpressWordPress what is Wordpress
WordPress what is Wordpress
Shahid Husain
 
Wordpress essential training - Wordpress Presentation PPT
Wordpress essential training - Wordpress Presentation PPTWordpress essential training - Wordpress Presentation PPT
Wordpress essential training - Wordpress Presentation PPT
Abdulla2410
 
It’s a WIN, WIN: ‘WordPress On Windows’
It’s a WIN, WIN: ‘WordPress On Windows’It’s a WIN, WIN: ‘WordPress On Windows’
It’s a WIN, WIN: ‘WordPress On Windows’
Brendan Sera-Shriar
 
Sucuri Webinar: Beginner's Guide to CDNs
Sucuri Webinar: Beginner's Guide to CDNsSucuri Webinar: Beginner's Guide to CDNs
Sucuri Webinar: Beginner's Guide to CDNs
Sucuri
 
Introduction to Wordpress
Introduction to WordpressIntroduction to Wordpress
Introduction to Wordpress
Reuben Rock
 
The Basics of WordPress
The Basics of WordPressThe Basics of WordPress
The Basics of WordPress
Thom Allen
 
Installing WordPress The Right Way
Installing WordPress The Right WayInstalling WordPress The Right Way
Installing WordPress The Right Way
Chris Burgess
 
Emergency WordPress Troubleshooting
Emergency WordPress TroubleshootingEmergency WordPress Troubleshooting
Emergency WordPress Troubleshooting
Tiffany Bridge
 
WordPress Basics
WordPress BasicsWordPress Basics
WordPress Basics
Kyrie Tompkins
 
Prabhanjan Panigrahi
Prabhanjan PanigrahiPrabhanjan Panigrahi
Prabhanjan PanigrahiAnirban Saha
 

What's hot (20)

How to Resolve Recurring WordPress Problems?
How to Resolve Recurring WordPress Problems?How to Resolve Recurring WordPress Problems?
How to Resolve Recurring WordPress Problems?
 
Basic WordPress for Beginner ppt
Basic WordPress for Beginner pptBasic WordPress for Beginner ppt
Basic WordPress for Beginner ppt
 
Refresh WordPress Beginner Workshop
Refresh WordPress Beginner WorkshopRefresh WordPress Beginner Workshop
Refresh WordPress Beginner Workshop
 
Basic WordPress Workshop Presentation
Basic WordPress Workshop PresentationBasic WordPress Workshop Presentation
Basic WordPress Workshop Presentation
 
Choosing WordPress Plugins (WordCamp Raleigh 2016)
Choosing WordPress Plugins (WordCamp Raleigh 2016)Choosing WordPress Plugins (WordCamp Raleigh 2016)
Choosing WordPress Plugins (WordCamp Raleigh 2016)
 
Setup and run wordpress: 201
Setup and run wordpress: 201Setup and run wordpress: 201
Setup and run wordpress: 201
 
How to install wordpress
How to install wordpress How to install wordpress
How to install wordpress
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPress
 
WordPress SEO Tips
WordPress SEO TipsWordPress SEO Tips
WordPress SEO Tips
 
Basic Wordpress Session
Basic Wordpress SessionBasic Wordpress Session
Basic Wordpress Session
 
WordPress what is Wordpress
WordPress what is WordpressWordPress what is Wordpress
WordPress what is Wordpress
 
Wordpress essential training - Wordpress Presentation PPT
Wordpress essential training - Wordpress Presentation PPTWordpress essential training - Wordpress Presentation PPT
Wordpress essential training - Wordpress Presentation PPT
 
It’s a WIN, WIN: ‘WordPress On Windows’
It’s a WIN, WIN: ‘WordPress On Windows’It’s a WIN, WIN: ‘WordPress On Windows’
It’s a WIN, WIN: ‘WordPress On Windows’
 
Sucuri Webinar: Beginner's Guide to CDNs
Sucuri Webinar: Beginner's Guide to CDNsSucuri Webinar: Beginner's Guide to CDNs
Sucuri Webinar: Beginner's Guide to CDNs
 
Introduction to Wordpress
Introduction to WordpressIntroduction to Wordpress
Introduction to Wordpress
 
The Basics of WordPress
The Basics of WordPressThe Basics of WordPress
The Basics of WordPress
 
Installing WordPress The Right Way
Installing WordPress The Right WayInstalling WordPress The Right Way
Installing WordPress The Right Way
 
Emergency WordPress Troubleshooting
Emergency WordPress TroubleshootingEmergency WordPress Troubleshooting
Emergency WordPress Troubleshooting
 
WordPress Basics
WordPress BasicsWordPress Basics
WordPress Basics
 
Prabhanjan Panigrahi
Prabhanjan PanigrahiPrabhanjan Panigrahi
Prabhanjan Panigrahi
 

Similar to WordPress Site Management - Keeping Your Creation Happy, Healthy and Secure

Securing your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP MeetupSecuring your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP Meetup
Oyster Bay Marauders LLC
 
WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012
Angela Bowman
 
How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014
Primary Image Ltd
 
WordPress security
WordPress securityWordPress security
WordPress security
Shelley Magnezi
 
WordPress Resources Nov 2014
WordPress Resources Nov 2014WordPress Resources Nov 2014
WordPress Resources Nov 2014
Judy Wilson
 
Security, more important than ever!
Security, more important than ever!Security, more important than ever!
Security, more important than ever!
Marko Heijnen
 
WordPress Insider Meetup Group - Jan, 7, 2016 meeting
WordPress Insider Meetup Group - Jan, 7, 2016 meetingWordPress Insider Meetup Group - Jan, 7, 2016 meeting
WordPress Insider Meetup Group - Jan, 7, 2016 meeting
Michelle Castillo
 
How To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressHow To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressChelsea O'Brien
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
SiteGround.com
 
Handy Resources for Developing a WordPress Website
Handy Resources for Developing a WordPress WebsiteHandy Resources for Developing a WordPress Website
Handy Resources for Developing a WordPress Website
XHTML Champs
 
Up and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web DesignUp and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web Design
Judy Wilson
 
A Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdfA Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdf
Host It Smart
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
Dre Armeda
 
Update Smart: Use a staging site!
Update Smart: Use a staging site!Update Smart: Use a staging site!
Update Smart: Use a staging site!
Meagan Hanes
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
StuartJDavidson.com
 
WordCamp RI 2015 - Beginner WordPress Workshop
WordCamp RI 2015 - Beginner WordPress Workshop WordCamp RI 2015 - Beginner WordPress Workshop
WordCamp RI 2015 - Beginner WordPress Workshop
Ella J Designs
 
WordPress Security Presentation
WordPress Security PresentationWordPress Security Presentation
WordPress Security Presentation
Andrew Paton
 
Which plugins rule the world?
Which plugins rule the world? Which plugins rule the world?
Which plugins rule the world?
Charlotte Hartley-Wilson
 
Avoiding Errors: Troubleshoot Wordpress like a Pro!
Avoiding Errors: Troubleshoot Wordpress like a Pro!Avoiding Errors: Troubleshoot Wordpress like a Pro!
Avoiding Errors: Troubleshoot Wordpress like a Pro!
J_Cortes
 
Higher Order WordPress Security
Higher Order WordPress SecurityHigher Order WordPress Security
Higher Order WordPress Security
Dougal Campbell
 

Similar to WordPress Site Management - Keeping Your Creation Happy, Healthy and Secure (20)

Securing your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP MeetupSecuring your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP Meetup
 
WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012WordPress Security Essentials WordCamp Denver 2012
WordPress Security Essentials WordCamp Denver 2012
 
How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014
 
WordPress security
WordPress securityWordPress security
WordPress security
 
WordPress Resources Nov 2014
WordPress Resources Nov 2014WordPress Resources Nov 2014
WordPress Resources Nov 2014
 
Security, more important than ever!
Security, more important than ever!Security, more important than ever!
Security, more important than ever!
 
WordPress Insider Meetup Group - Jan, 7, 2016 meeting
WordPress Insider Meetup Group - Jan, 7, 2016 meetingWordPress Insider Meetup Group - Jan, 7, 2016 meeting
WordPress Insider Meetup Group - Jan, 7, 2016 meeting
 
How To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressHow To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your Wordpress
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
 
Handy Resources for Developing a WordPress Website
Handy Resources for Developing a WordPress WebsiteHandy Resources for Developing a WordPress Website
Handy Resources for Developing a WordPress Website
 
Up and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web DesignUp and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web Design
 
A Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdfA Guide To Secure WordPress Website – A Complete Guide.pdf
A Guide To Secure WordPress Website – A Complete Guide.pdf
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
 
Update Smart: Use a staging site!
Update Smart: Use a staging site!Update Smart: Use a staging site!
Update Smart: Use a staging site!
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
 
WordCamp RI 2015 - Beginner WordPress Workshop
WordCamp RI 2015 - Beginner WordPress Workshop WordCamp RI 2015 - Beginner WordPress Workshop
WordCamp RI 2015 - Beginner WordPress Workshop
 
WordPress Security Presentation
WordPress Security PresentationWordPress Security Presentation
WordPress Security Presentation
 
Which plugins rule the world?
Which plugins rule the world? Which plugins rule the world?
Which plugins rule the world?
 
Avoiding Errors: Troubleshoot Wordpress like a Pro!
Avoiding Errors: Troubleshoot Wordpress like a Pro!Avoiding Errors: Troubleshoot Wordpress like a Pro!
Avoiding Errors: Troubleshoot Wordpress like a Pro!
 
Higher Order WordPress Security
Higher Order WordPress SecurityHigher Order WordPress Security
Higher Order WordPress Security
 

More from Meagan Hanes

Update Smart: Use a Staging Site!
Update Smart: Use a Staging Site!Update Smart: Use a Staging Site!
Update Smart: Use a Staging Site!
Meagan Hanes
 
Finding Useful Plugins: How To Extend WordPress Past a Simple Blog
Finding Useful Plugins: How To Extend WordPress Past a Simple BlogFinding Useful Plugins: How To Extend WordPress Past a Simple Blog
Finding Useful Plugins: How To Extend WordPress Past a Simple Blog
Meagan Hanes
 
To The Word And Beyond! Extending WordPress Past a Simple Blog
To The Word And Beyond! Extending WordPress Past a Simple BlogTo The Word And Beyond! Extending WordPress Past a Simple Blog
To The Word And Beyond! Extending WordPress Past a Simple Blog
Meagan Hanes
 
Giving back to WordPress - no code needed!
Giving back to WordPress - no code needed!Giving back to WordPress - no code needed!
Giving back to WordPress - no code needed!
Meagan Hanes
 
Speed up your site! #wcmtl2015 by Meagan Hanes
Speed up your site! #wcmtl2015 by Meagan HanesSpeed up your site! #wcmtl2015 by Meagan Hanes
Speed up your site! #wcmtl2015 by Meagan HanesMeagan Hanes
 
To The Word And Beyond! Extending WordPress Past a Simple Blog
To The Word And Beyond! Extending WordPress Past a Simple BlogTo The Word And Beyond! Extending WordPress Past a Simple Blog
To The Word And Beyond! Extending WordPress Past a Simple Blog
Meagan Hanes
 
WCO2014 - To The Word And Beyond!
WCO2014 - To The Word And Beyond!WCO2014 - To The Word And Beyond!
WCO2014 - To The Word And Beyond!
Meagan Hanes
 
#WCTO2013 - DIY or Have It Made? Here's How to Decide!
#WCTO2013 - DIY or Have It Made? Here's How to Decide!#WCTO2013 - DIY or Have It Made? Here's How to Decide!
#WCTO2013 - DIY or Have It Made? Here's How to Decide!Meagan Hanes
 
The ABCs of HTML
The ABCs of HTMLThe ABCs of HTML
The ABCs of HTML
Meagan Hanes
 

More from Meagan Hanes (9)

Update Smart: Use a Staging Site!
Update Smart: Use a Staging Site!Update Smart: Use a Staging Site!
Update Smart: Use a Staging Site!
 
Finding Useful Plugins: How To Extend WordPress Past a Simple Blog
Finding Useful Plugins: How To Extend WordPress Past a Simple BlogFinding Useful Plugins: How To Extend WordPress Past a Simple Blog
Finding Useful Plugins: How To Extend WordPress Past a Simple Blog
 
To The Word And Beyond! Extending WordPress Past a Simple Blog
To The Word And Beyond! Extending WordPress Past a Simple BlogTo The Word And Beyond! Extending WordPress Past a Simple Blog
To The Word And Beyond! Extending WordPress Past a Simple Blog
 
Giving back to WordPress - no code needed!
Giving back to WordPress - no code needed!Giving back to WordPress - no code needed!
Giving back to WordPress - no code needed!
 
Speed up your site! #wcmtl2015 by Meagan Hanes
Speed up your site! #wcmtl2015 by Meagan HanesSpeed up your site! #wcmtl2015 by Meagan Hanes
Speed up your site! #wcmtl2015 by Meagan Hanes
 
To The Word And Beyond! Extending WordPress Past a Simple Blog
To The Word And Beyond! Extending WordPress Past a Simple BlogTo The Word And Beyond! Extending WordPress Past a Simple Blog
To The Word And Beyond! Extending WordPress Past a Simple Blog
 
WCO2014 - To The Word And Beyond!
WCO2014 - To The Word And Beyond!WCO2014 - To The Word And Beyond!
WCO2014 - To The Word And Beyond!
 
#WCTO2013 - DIY or Have It Made? Here's How to Decide!
#WCTO2013 - DIY or Have It Made? Here's How to Decide!#WCTO2013 - DIY or Have It Made? Here's How to Decide!
#WCTO2013 - DIY or Have It Made? Here's How to Decide!
 
The ABCs of HTML
The ABCs of HTMLThe ABCs of HTML
The ABCs of HTML
 

Recently uploaded

JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 

Recently uploaded (20)

JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 

WordPress Site Management - Keeping Your Creation Happy, Healthy and Secure

  • 1. WP Site Management Keeping your Creation Happy, Healthy, and Secure Meagan Hanes @mhanes WordCamp Hamilton 2016
  • 2. A Bit About Me Freelance designer & developer 15+ years 10+ years creating WP sites of all sizes & styles TheWPCrowd Member #training team make.wordpress.org/training Favourite colour: Rainbow! Say Hi to my Friend Roy: http://hiroy.club
  • 3. What is Web Security?
  • 4. What is Web Security? Protecting your website from malicious threats Bots, Hackers Ex-employees Competing Businesses Reducing vectors of attack Plugins and themes Weak passwords Unused user accounts Reducing the risk of an attack Backups & Security
  • 5. Why does web security matter? $$$
  • 6. Why does web security matter? Protect your investment Websites aren’t cheap or easy to build - why risk losing that investment? Reduce your stress levels, sleep well at night Web Security = insurance policy for your website Make your web employees happy As much as developers love money, they don’t like fixing hacked sites!
  • 7. Access Who has access? How do they access the server? Where do they access it from? Backups How often are backups made? What’s involved in restoring a backup? Whose job is it? Check for Updates What kind of updates? How do I update my site with no risk of it breaking? ABCs of Website Security
  • 8. Who has access to your site? What level of access do they need? How do they access your site? Current Users Modify their User Role based on what level of access they need1 Encourage server connections with SFTP or SSH vs FTP Old Users Delete from Users section of WordPress * Check Server-level Access As Well! * 1. https://codex.wordpress.org/Roles_and_Capabilities Access
  • 9. Dolphin12 is not a password, it’s a Hotmail account. Not easily guessable - No birth years Never write it down - LastPass, KeyPass Never reuse a password Weird mind tricks work! Password Reset Links are your friends! Strong Passwords
  • 10. When was your last website backup made? Where is that backup? How do you restore your site from a backup? Manually1 Copy WordPress file directory, export the database, store on a third party server Automagically2 Via a plugin: UpdraftPlus, BackupBuddy, WP-DB Backup, etc Via a centralized hub: ManageWP, InfiniteWP * Test your Backup Restore Routine Tomorrow! * 1. https://codex.wordpress.org/WordPress_Backups 2. http://www.wpbeginner.com/plugins/7-best-wordpress-backup-plugins-compared-pros-and-cons/ Backups
  • 11. What version of WordPress are you using? What plugins do you have installed and activated on your site? What theme are you using? What themes do you have installed but not active? Core Updates Point updates are done automatically (4.5.1 to 4.5.2) -> security patches, etc Major updates are done manually (4.3 to 4.5) -> get on the most recent version for :) Plugins and Themes If you don’t need them, delete them! -> fewer attack vectors If they’re old, update them! -> missing features & compatibility with themes/plugins If they’ve been modified, get a developer to help! * Set Up A Staging Server for Maximum Win! * Check for Updates
  • 12. Who’s tried logging in to your site, from where, and when? Does your site have any suspicious code? When were site files last modified? Security Plugins for WordPress iThemes Security WordFence Sucuri AllInOne WP Security Limit user login attempts (# of times), geolocation, time of access, IP address Detect if/when files are changed Two-factor authentication Forcing secure passwords .htaccess monitoring Blacklists, firewalls, etc … and more! * Peace of mind comes at a cost - budget accordingly! * BONUS: Security Plugins
  • 13. Question Time! Meagan Hanes @mhanes WordCamp Hamilton 2016