wordpress security basics - melbourne wordpress user meetup

Report

Post on 15-Apr-2017

2.232 Views

Category:

Technology

1 Downloads

Preview:

Click to see full reader

TRANSCRIPT

WordPressSecurityBasics

ChrisBurgess@chrisburgess

BadNews

Thereisnosuchthingasabsolutesecurity.Nothingis100%secure.

GoodNews

Therearemanythingswecandotodrasticallyreducetherisks.

Contextiseverything…

“MostsuccessfulWordPresshackattacksaretypicallytheresultof

humanerror,beitaconfigurationerrororfailingtomaintainWordPress,suchaskeepingcoreandallpluginsupto

date,orinstallinginsecurepluginsetc.”-RobertAbela(@robertabela)

Source:http://www.wpwhitesecurity.com/wordpress-security/statistics-highlight-main-source-wordpress-vulnerabilities/

OverviewTakeSecuritySeriouslyUpdatesThemesandPluginsPasswordsBackupsandMaintenanceHardeningWordPressandSSLwillbecoveredinthefollowingpresentations

TakeSecuritySeriously

DefenseinDepth

Source:http://wptavern.com/

KeepWordPressUpdated

Updates

•  “Patchearlyandpatchoften”•  Thisisanothergoodreasontohaveatesting/stagingenvironment

UseReputablePlugins

UseReputableThemes

Trust

TheWeakestLink

PasswordManagement

•  LastPass,1Password,Roboform,KeePass,Dashlane

•  SecretServer,LastPassEnterprise,PassPack•  UseTwo-factorauthenticationwhereverpossible

PerformRegularBackupsandMaintenance

PrepareforProblems

BackupOptions

•  ServerLevelBackups– cPanel/Plesk– Replication– Snapshots

•  BackupServices•  BackupPlugins•  ManualBackups•  Exports

HardeningWordPress

HardeningWordPress

•  Allinoneplugins:Sucuri,Wordfence,iThemesSecurity

•  Oryoucantakeamoremodularapproach,butchoosewisely

•  SecurityServices•  ManualHardening

GoogleSearchConsole(formerlyWebmasterTools)

HowcanIlearnmore?

VerizonDBIR

http://news.verizonenterprise.com/2015/04/2015-data-breach-report-info/

Resources

•  https://wordpress.org/about/security/•  https://wordpress.org/news/category/security/

•  http://codex.wordpress.org/Hardening_WordPress

•  http://codex.wordpress.org/Brute_Force_Attacks#Protect_Your_Server

Thanks!

ChrisBurgess@chrisburgess

top related

wordpress ecommerce with woocommerce -...
Documents
wordpress security presentation from south florida wordpress...
Technology
wordpress security - wordpress meetup copenhagen 2013
Technology
meetup wordpress #openexpoday 2014
Technology
developers meetup wordpress presentation
Documents
wordpress india introductory meetup
Documents
wordpress meetup copenhagen 2011.04.16
Technology
melbourne azure meetup may 2012
Documents
socal wordpress meetup - iweb to wordpress aka wp99
Technology
wordpress cases met koppelingen - wordpress meetup nijmegen
Technology
wordpress seo basics - melbourne wordpress meetup
Marketing
wordpress melbourne user group april 2013 users meetup
Technology
2 wordpress meetup serbia
Internet
growing your wordpress meetup
Technology
wordpress meetup nijmegen 2016
Internet
wordpress meetup para iniciantes
Technology
wordpress meetup - junio 2015
Software
wordpress meetup - 10 plugins
Technology
ii meetup wordpress pontevedra
Internet
melbourne windows azure meetup
Documents