WordPress Security Blitz
Reno Tahoe WordCamp 2010
WordPress Security Blitz!
Why?
Content, freshness, SEO, networking, design, stability, functionality, performance, scaling...
...and now security, too?
Why?
...can't we all just get along?
Why?
To leverage your efforts building a thriving community!
Strategy
A little bit of effort, some discipline, and LOTS of common sense
Basic Security
Pick a hoster wisely
Split domain and hosting
Back up (and back up again!)
Keep WP, plugins up-to-date
Move wp-config.php up/out
File permissions (755/644)
Basic Security
.htaccess to restrict wp-admin
Regularly check server logs
Post-Logger (vi-logger.php)
DB table prefix: not “wp_”
No user “admin”
Use strong passwords!
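
Added example (not part of the original slides): a shell audit for three of the Basic Security items, the 755/644 file modes, the location of wp-config.php, and the "wp_" table prefix. The function names and the install path passed in are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audits three items from the "Basic Security" slides.
# Function names and the install path are assumptions for illustration.

# List entries that deviate from the 755 (directories) / 644 (files) baseline.
perm_findings() {
    find "$1" -type d ! -perm 755 -print | sed 's/^/mode-dir  /'
    find "$1" -type f ! -perm 644 -print | sed 's/^/mode-file /'
}

# Locate wp-config.php; WordPress also loads it from one level above the install.
config_path() {
    if [ -f "$1/wp-config.php" ]; then
        echo "$1/wp-config.php"
    elif [ -f "$1/../wp-config.php" ]; then
        echo "$1/../wp-config.php"
    fi
}

# Extract the value assigned to $table_prefix (single or double quoted).
table_prefix() {
    awk -F"['\"]" '/^[ \t]*\$table_prefix[ \t]*=/ { print $2; exit }' "$1"
}

# Print one line per finding; return 0 only when nothing deviates.
audit_wordpress() {
    root=$1
    findings=$(perm_findings "$root")
    cfg=$(config_path "$root")
    nl='
'
    if [ -z "$cfg" ]; then
        findings="${findings}${nl}config    wp-config.php not found"
    else
        if [ "$cfg" = "$root/wp-config.php" ]; then
            findings="${findings}${nl}config    wp-config.php is inside the install directory"
        fi
        if [ "$(table_prefix "$cfg")" = "wp_" ]; then
            findings="${findings}${nl}prefix    table prefix is the default wp_"
        fi
    fi
    findings=$(printf '%s\n' "$findings" | sed '/^$/d')
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}
```

Call it as audit_wordpress followed by the path to the WordPress install; a non-zero exit status means at least one finding was printed.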
Plugins to consider:
Akismet
Bad Behavior
http:BL (Project Honey Pot)
WP Security Scan
AntiVirus
...but don't go wild on plugins!
Also...
Check on your back-ups! (Do they really work?)
Check on your DB (e.g. drop old tables, optimize... Clean Options plugin)
Security audits (e.g. Acunetix)
Your own computer
Use a staging server to test
External (e.g. CloudFlare)
And finally...
Support developers and designers!
Questions?
Contact information
Álvaro Degives-Más: Alvaro at RenoLanguages.com