BACKING UP WORDPRESS & BASIC SECURITY
Carel Bekker - @ClickHOST & @carelbekker
Saturday, March 16, 13
Who is this guy?
    • From South Africa
    • In US since 1998
    • 25+ years in technology
    • Owner of ClickHOST.com
    • Loves my wife, 3 children, technology, reading, travel and occasional round of golf.
    • linkedin.com/in/cbekker

If only...

What will we cover?
    “I’m going to show you where the windows and doors are on your WordPress house and how to lock them!”
    • Basics needed to protect your WordPress website or blog
    • Very little technical skill is needed
    • Some definitions
    • Resource list
    • Security myths
    • 3 ways to back up WordPress
    • 3 security tips that will save your life, OK, at least your website

What is malware?
    • Malware = malicious software.
    • Anything loaded onto your website (or computer) that you didn’t authorize.
    • Malware, short for malicious (or malevolent) software, is software used or created by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software. - wikipedia.org

Other definitions
    • SQL Injections: Entering SQL statements into form fields.
    • Cross-site contamination: WordPress sites infecting sites in the same hosting account.
    • Phishing or Spoofing: Email or website that looks like the real thing
    • Social engineering, e.g., Wired reporter story

Security Myths
    • #1: Who would want to hack my website
    • #2: I will see when my website is hacked
    • #3: My website is 100% secure
    • #4: My hosting provider will have a backup for me
    • #5: I use strong passwords -- I’m ok

Backing up WordPress

Backup Basics
    • What is a backup?
        • Reliable recent copy of your website.
        • Should be easy to restore from your backup.
    • Why should I back up?
        • Bad things happen, especially in the WWW = wild, wild west.
    • How often & when should I back up?
        • Before any major updates to your website
        • Before updating WordPress, plugins or themes
        • Daily, Weekly, Monthly.
        • 1-2 different backup copies.

Use a WordPress plugin
    • Install a plugin to back up your WordPress website.
    • Most offer the option to back up to: hosting account, cloud, local or email the backup.
    • Numerous FREE WordPress backup plugins:
        • One-click installers like Softaculous
        • BackWPup (free and pro versions)
        • WordPress Backup to Dropbox
    • or Paid plugins:
        • BackupBuddy ($$$)
        • VaultPress ($$)

DIY Backups
    • Use tools provided by hosting company
    • cPanel is the most common control panel
    • Select the Database to download.
        • Only back up the database.
        • Backup will be downloaded to your local directory.
        • You can then upload the database to restore your WordPress website.
    • Paid services: CodeGuard, SiteAutoBackup,

Ask your hosting provider
    • This is not specific to WordPress.
    • Some hosting providers provide automatic backups
        • Full account backups
        • Some offer free restore services
        • Others charge a fee to restore from a backup
    • Ask your hosting provider to set up a backup schedule
        • Don’t keep too many backups in your hosting account
        • Download to your local machine
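
An added example, not from the original slides: a small check for the "reliable recent copy", "easy to restore" and "don't keep too many backups" points on the backup slides. It assumes backups are gzip-compressed SQL dumps named `*.sql.gz` in one folder and that the site uses the default `wp_` table prefix; the function names and file names are made up for illustration.

```python
import gzip
import os
import tempfile
import time
import zlib
from pathlib import Path

# Assumptions (not from the slides): backups are gzip-compressed SQL dumps
# named *.sql.gz in one folder, and the site uses the default "wp_" prefix.
CORE_TABLES = ("wp_options", "wp_posts", "wp_users")


def dump_is_restorable(path, tables=CORE_TABLES):
    """Read the whole archive (catches truncated or corrupt files) and
    confirm the core WordPress tables are defined in it."""
    found = set()
    try:
        with gzip.open(path, "rt", encoding="utf-8", errors="replace") as fh:
            for line in fh:
                if line.startswith("CREATE TABLE"):
                    found.update(t for t in tables if f"`{t}`" in line)
    except (OSError, EOFError, zlib.error) as exc:
        return False, f"unreadable archive: {exc}"
    missing = [t for t in tables if t not in found]
    if missing:
        return False, "missing tables: " + ", ".join(missing)
    return True, "ok"


def check_backups(directory, max_age_days=7, keep=2, now=None, prune=False):
    """Report on the newest backup and optionally delete all but `keep`."""
    now = time.time() if now is None else now
    dumps = sorted(Path(directory).glob("*.sql.gz"),
                   key=lambda p: p.stat().st_mtime, reverse=True)
    report = {"newest": None, "fresh": False, "restorable": False,
              "reason": "no backups found", "pruned": []}
    if not dumps:
        return report
    newest = dumps[0]
    age_days = (now - newest.stat().st_mtime) / 86400
    ok, reason = dump_is_restorable(newest)
    report.update(newest=newest.name, fresh=age_days <= max_age_days,
                  restorable=ok, reason=reason)
    # Prune only when the newest copy verified, so a bad backup never
    # causes the last good one to be deleted.
    if prune and ok:
        for old in dumps[keep:]:
            old.unlink()
            report["pruned"].append(old.name)
    return report


if __name__ == "__main__":
    # Constructed sample data: three tiny dumps aged 1, 10 and 20 days.
    sql = "".join(f"CREATE TABLE `{t}` (id int);\n" for t in CORE_TABLES)
    with tempfile.TemporaryDirectory() as tmp:
        for name, age in (("new.sql.gz", 1), ("old.sql.gz", 10),
                          ("older.sql.gz", 20)):
            target = Path(tmp) / name
            with gzip.open(target, "wt", encoding="utf-8") as fh:
                fh.write(sql)
            stamp = time.time() - age * 86400
            os.utime(target, (stamp, stamp))
        print(check_backups(tmp, prune=True))
```

Run it against the folder where downloaded backups are kept; a report with `fresh` or `restorable` set to false means it is time to take a new backup before the next update.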


Top Tips to Secure WordPress

Don’t use ADMIN
    • Don’t use admin as your username.
        • This is the default when installing
        • Almost as bad as using “password” for your password :)
    • How to fix this!
        • Create a new administrator user.
        • Log out, then log in as the new admin user.
        • Delete the old “admin” user.

Update! Update!
    • New versions/updates include security fixes and new functionality.
    • Always keep your WordPress installation current!
    • Keep your plugins updated.
    • Try to keep your theme current too, however be careful and only upgrade if you are sure that a child theme was used.
    • Make a backup BEFORE you update WordPress, plugins or themes.

Passwords
    • Use strong passwords, not 123456 or Password
    • Use pass-phrases, e.g. correcthorsebatterystaple
    • Better yet, use a password manager:
        • Generate very strong passwords
        • No need to remember 100’s of passwords
        • Easy to use with browser add-ons.
        • LastPass.com, 1password.com, RoboForm.

Anti-spam techniques
    • How do I prevent comment spam? Unwanted comments in my blog posts.
    • Don’t allow comments.
    • Also, moderate all comments.
    • Use a comment system plugin:
        • Disqus
        • Livefyre
        • Use Facebook Comment system.
    • Comment spam control plugins:
        • Akismet ($5/month)
        • Growmap Anti Spambot (free)

Security plugins
    • Most include:
        • One-click hardening
        • File monitoring
        • Personal Firewall (IP blocking)
    • Security plugins:
        • Sucuri (w/ membership)
        • WordFence (free and paid)
        • IPVenger (beta)
        • Login LockDown

Random security tips
    • Make sure you have anti-virus installed on your computer
        • Even on a Mac (Sophos)
    • Email spam filtering
    • Only download themes and plugins from trusted sources.
        • WordPress and reputable theme/plugin sources
    • Delete unused themes and plugins! (not just de-activate)
    • Delete unused WordPress installations.

Questions??

Resources
    • More great WordCamp presentations:
        • WordPress End-User Security, Dre Armeda
        • Building secure WordPress sites, Sakin Shrestha
        • or go to wordpress.tv and search for security
    • WordPress Codex: http://codex.wordpress.org/WordPress_Backups
    • WordPress Backup options: http://www.clickhost.com/wordpress-backup/
    • Search clickhost.com/blog for WordPress
    • How to make your WordPress installation Secure
    • WordPress Security: 5 Steps To Reduce Your Risk
    • Three sure fire ways to prevent being hacked!

Carel Bekker
President & Owner
carel@clickhost.com
Twitter: @clickhost, @carelbekker
Tel: 404.220.8110

Friends don’t let friends host on Go Daddy!


Backing up WordPress & Basic Security presented at WordCamp Atlanta, 2013.
