SlideShare ist ein Scribd-Unternehmen logo

Hardening WordPress - Friends of Search 2014 (WordPress Security)

Bastian Grimm
Bastian Grimm

My talk at "Friends of Search 2014" in Amsterdam covering the most important security fixes & tweaks for WordPress blogs.

Technologie
1 von 29
FRIENDS OF SEARCH HARDENING WORDPRESS VARIOUS TWEAKS FOR BETTER WP SECURITY
WHAT REALLY MATTERS: TOP 3! IF YOU HAVE 5 MINS TO SPARE, JUST DO THESE…
#1 Update your blogs regularly! http://wordpress.org/extend/plugins/wp-updates-notifier/
Change update behavior… Be sure to REALLY know what you’re doing there…! # Disables ALL core updates: define('WP_AUTO_UPDATE_CORE', false); # Enables all core updates, including minor and majors: define('WP_AUTO_UPDATE_CORE', true); # Default: Enables core updates for minor releases: define('WP_AUTO_UPDATE_CORE', 'minor'); Want something more fine-grained? Check AUTO_UPDATE_$TYPE filter (e.g. auto_update_plugin, auto_update_theme, etc.) which is used for specific updates. http://github.com/georgestephanis/update-control/
WWW.INFINITEWP.COM
WWW.MANAGEWP.COM
#2 Get rid of stuff you don’t use! Remove all inactive plug-ins as well as themes!
#3 Backup Database & Files, often! http://wordpress.org/extend/plugins/backwpup/
SECURITY STARTS AT SETUP MAKE THINGS RIGHT FROM THE BEGINNING…!
#4 Setup WordPress properly Use unique keys and salts to add random elements for encryption! Use a cryptic prefix to prevent automated scripts and SQL injections. $table_prefix = ‘wp_VzQCxSJv7uL_ ‘; https://api.wordpress.org/secret-key/1.1/salt/
#5 Protect your wp-config.php <files wp-config.php> order deny,allow deny from all </files> This needs to go into your WP roots’ .htaccess file to prevent external access Even better… move wpconfig.php outside of „www“. Also do chmod 400/440
#6 Remove the default „admin“ Setup new user as admin; logout. Login w/ new admin; delete old one. Make sure to use a STRONG password, pleeaaasssseeee! http://www.random.org/passwords/
#7 Protect your Login (and wp-admin) Recommended: Try the “Lockdown WP Admin” plug-in to protect PHP files in wpadmin as well as the login itself. Don’t just put an .htaccess for basic passwd. protection. It’s a lot of pain… http://wordpress.org/extend/plugins/lockdown-wp-admin/
#8 Lock-out multiple failed logins Limit Login Attempts http://wordpress.org/extend/plugins/limit-login-attempts/
#9 Even better: Two-factor Verification Info: http://gdig.de/1t - Download: http://gdig.de/1u
#9 Even better: Two-factor Verification Google Authenticator http://wordpress.org/plugins/google-authenticator/
#9 Even better: Two-factor Verification Provide your login credentials and get auth-code from your mobile phones‘ G-Auth-App.
WWW.DUOSECURITY.COM
WWW.DUOSECURITY.COM
WWW.GETCLEF.COM
#10 Block malicious URL requests domain.com/?q=%2e%2e or domain.com/path/base64_ will return HTTP 403 (Forbidden). http://wordpress.org/plugins/block-bad-queries/
ADDITIONAL TWEAKS THINGS YOU COULD DO IN YOUR CONFIG AS WELL…
#11 SSL Logins & Administration define('FORCE_SSL_LOGIN', true); Set FORCE_SSL_LOGIN to “true” to force all logins to happen over SSL. (still allows non-SSL admin sessions) define('FORCE_SSL_ADMIN', true); Use FORCE_SSL_ADMIN to force all logins and all admin sessions to happen over SSL (can be slow…)
#12 Move the “wp-content” folder define('WP_CONTENT_DIR', $_SERVER['DOCUMENT_ROOT'].'/blog/my-wp-content'); WP_CONTENT_DIR points to “new” the full local path (no trailing slash) define('WP_CONTENT_URL', 'http://domain.com/blog/my-wp-content'); WP_CONTENT_URL points to “new” full URI (no trailing slash either)
#13 Disable File Editing define('DISALLOW_FILE_EDIT', true); Set DISALLOW_FILE_EDIT to “true” to disable editing files from dashboard. By default, admins are allowed to edit PHP files. Setting the above is equivalent to removing the 'edit_themes', 'edit_plugins' and 'edit_files' capabilities of all users.
#14 Fix File & Folder Permissions WP-Security Scan Very important: chmod your wp-config.php to be read-only! http://wordpress.org/extend/plugins/wp-security-scan/
WORDPRESS.ORG/PLUGINS/WORDFENCE/
WORDPRESS.ORG/PLUGINS/BETTER-WP-SECURITY/
@basgr SEO Trainings, Seminars & Strategy Consulting Berlin-based Full-Service Performance Marketing Agency WordPress Security, Consulting & Development www.bg.vu/fos14

Empfohlen

Technical SEO: Crawl Space Management - SEOZone Istanbul 2014
Technical SEO: Crawl Space Management - SEOZone Istanbul 2014Technical SEO: Crawl Space Management - SEOZone Istanbul 2014
Technical SEO: Crawl Space Management - SEOZone Istanbul 2014Bastian Grimm
 
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)Hardening WordPress - SAScon Manchester 2013 (WordPress Security)
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)Bastian Grimm
 
40 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 2013
40 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 201340 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 2013
40 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 2013Bastian Grimm
 
SEO Tools of the Trade - Barcelona Affiliate Conference 2014
SEO Tools of the Trade - Barcelona Affiliate Conference 2014SEO Tools of the Trade - Barcelona Affiliate Conference 2014
SEO Tools of the Trade - Barcelona Affiliate Conference 2014Bastian Grimm
 
On-Page SEO EXTREME - SEOZone Istanbul 2013
On-Page SEO EXTREME - SEOZone Istanbul 2013On-Page SEO EXTREME - SEOZone Istanbul 2013
On-Page SEO EXTREME - SEOZone Istanbul 2013Bastian Grimm
 
Seozone - 5 tips
Seozone - 5 tips Seozone - 5 tips
Seozone - 5 tips Anna Morrison
 
What's in my SEO Toolbox: Linkbuilding Edition - SMX Milan 2014
What's in my SEO Toolbox: Linkbuilding Edition - SMX Milan 2014What's in my SEO Toolbox: Linkbuilding Edition - SMX Milan 2014
What's in my SEO Toolbox: Linkbuilding Edition - SMX Milan 2014Bastian Grimm
 
Structured Data & Schema.org - SMX Milan 2014
Structured Data & Schema.org - SMX Milan 2014Structured Data & Schema.org - SMX Milan 2014
Structured Data & Schema.org - SMX Milan 2014Bastian Grimm
 

Empfohlen

Technical SEO: Crawl Space Management - SEOZone Istanbul 2014
Technical SEO: Crawl Space Management - SEOZone Istanbul 2014Technical SEO: Crawl Space Management - SEOZone Istanbul 2014
Technical SEO: Crawl Space Management - SEOZone Istanbul 2014Bastian Grimm
 
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)Hardening WordPress - SAScon Manchester 2013 (WordPress Security)
Hardening WordPress - SAScon Manchester 2013 (WordPress Security)Bastian Grimm
 
40 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 2013
40 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 201340 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 2013
40 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 2013Bastian Grimm
 
SEO Tools of the Trade - Barcelona Affiliate Conference 2014
SEO Tools of the Trade - Barcelona Affiliate Conference 2014SEO Tools of the Trade - Barcelona Affiliate Conference 2014
SEO Tools of the Trade - Barcelona Affiliate Conference 2014Bastian Grimm
 
On-Page SEO EXTREME - SEOZone Istanbul 2013
On-Page SEO EXTREME - SEOZone Istanbul 2013On-Page SEO EXTREME - SEOZone Istanbul 2013
On-Page SEO EXTREME - SEOZone Istanbul 2013Bastian Grimm
 
Seozone - 5 tips
Seozone - 5 tips Seozone - 5 tips
Seozone - 5 tips Anna Morrison
 
What's in my SEO Toolbox: Linkbuilding Edition - SMX Milan 2014
What's in my SEO Toolbox: Linkbuilding Edition - SMX Milan 2014What's in my SEO Toolbox: Linkbuilding Edition - SMX Milan 2014
What's in my SEO Toolbox: Linkbuilding Edition - SMX Milan 2014Bastian Grimm
 
Structured Data & Schema.org - SMX Milan 2014
Structured Data & Schema.org - SMX Milan 2014Structured Data & Schema.org - SMX Milan 2014
Structured Data & Schema.org - SMX Milan 2014Bastian Grimm
 
10 Tips to make your Website lightning-fast - SMX Stockholm 2012
10 Tips to make your Website lightning-fast - SMX Stockholm 201210 Tips to make your Website lightning-fast - SMX Stockholm 2012
10 Tips to make your Website lightning-fast - SMX Stockholm 2012Bastian Grimm
 
The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014
The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014
The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014Bastian Grimm
 
International Site Speed Tweaks - ISS 2017 Barcelona
International Site Speed Tweaks - ISS 2017 BarcelonaInternational Site Speed Tweaks - ISS 2017 Barcelona
International Site Speed Tweaks - ISS 2017 BarcelonaBastian Grimm
 
SEO Social Blog: Wordpress SEO with Joost de Valk
SEO Social Blog: Wordpress SEO with Joost de ValkSEO Social Blog: Wordpress SEO with Joost de Valk
SEO Social Blog: Wordpress SEO with Joost de ValkSEO Social Blog
 
Your WordPress Website Is/Not Hacked
Your WordPress Website Is/Not HackedYour WordPress Website Is/Not Hacked
Your WordPress Website Is/Not HackedAngela Bowman
 
Your WordPress Site is and is not Hacked - You don't know until you check
Your WordPress Site is and is not Hacked - You don't know until you checkYour WordPress Site is and is not Hacked - You don't know until you check
Your WordPress Site is and is not Hacked - You don't know until you checkAngela Bowman
 
Plugins at WordCamp Phoenix
Plugins at WordCamp PhoenixPlugins at WordCamp Phoenix
Plugins at WordCamp PhoenixAndrew Ryno
 
Really Awesome WordPress Plugins You Should Know About
Really Awesome WordPress Plugins You Should Know AboutReally Awesome WordPress Plugins You Should Know About
Really Awesome WordPress Plugins You Should Know AboutAngela Bowman
 
CONSEJOS PARA OPTIMIZAR EL BLOG
CONSEJOS PARA OPTIMIZAR EL BLOGCONSEJOS PARA OPTIMIZAR EL BLOG
CONSEJOS PARA OPTIMIZAR EL BLOGlomasbuscadoengoogle
 
SEO Tips For Bloggers
SEO Tips For BloggersSEO Tips For Bloggers
SEO Tips For Bloggersguest3c5779
 
Matt
MattMatt
Mattamitagarwal
 
Whitehat Seo Tips For Bloggers
Whitehat Seo Tips For BloggersWhitehat Seo Tips For Bloggers
Whitehat Seo Tips For BloggersClaudio Juliana
 
Whitehat seo tips for bloggers
Whitehat seo tips for bloggersWhitehat seo tips for bloggers
Whitehat seo tips for bloggersimarketingtrends
 
Make your website load really really fast - seo campus 2017
Make your website load really really fast - seo campus 2017Make your website load really really fast - seo campus 2017
Make your website load really really fast - seo campus 2017SEO Camp Association
 
How I learned to stop worrying and love the .htaccess file
How I learned to stop worrying and love the .htaccess fileHow I learned to stop worrying and love the .htaccess file
How I learned to stop worrying and love the .htaccess fileRoxana Stingu
 
Don't sh** in the Pool
Don't sh** in the PoolDon't sh** in the Pool
Don't sh** in the PoolChris Jean
 
SMX Advanced 2018 SEO for Javascript Frameworks by Patrick Stox
SMX Advanced 2018 SEO for Javascript Frameworks by Patrick StoxSMX Advanced 2018 SEO for Javascript Frameworks by Patrick Stox
SMX Advanced 2018 SEO for Javascript Frameworks by Patrick Stoxpatrickstox
 
Joomla wireframing Template - Joomladay Netherlands 2014 #jd14nl
Joomla wireframing Template - Joomladay Netherlands 2014 #jd14nlJoomla wireframing Template - Joomladay Netherlands 2014 #jd14nl
Joomla wireframing Template - Joomladay Netherlands 2014 #jd14nlPhilip Locke
 
Joost's Wordpress Affiliate Session @ LAC 2010
Joost's Wordpress Affiliate Session @ LAC 2010Joost's Wordpress Affiliate Session @ LAC 2010
Joost's Wordpress Affiliate Session @ LAC 2010a4u
 
Prebrowsing - Velocity NY 2013
Prebrowsing - Velocity NY 2013Prebrowsing - Velocity NY 2013
Prebrowsing - Velocity NY 2013Steve Souders
 
Ne explanation of the last tenth of the quran
Ne explanation of the last tenth of the quranNe explanation of the last tenth of the quran
Ne explanation of the last tenth of the quranLoveofpeople
 
Tekijänoikeusaineistot luokittelutavan valinta
Tekijänoikeusaineistot luokittelutavan valintaTekijänoikeusaineistot luokittelutavan valinta
Tekijänoikeusaineistot luokittelutavan valintaSanna Brauer
 

Weitere ähnliche Inhalte

Was ist angesagt?

10 Tips to make your Website lightning-fast - SMX Stockholm 2012
10 Tips to make your Website lightning-fast - SMX Stockholm 201210 Tips to make your Website lightning-fast - SMX Stockholm 2012
10 Tips to make your Website lightning-fast - SMX Stockholm 2012Bastian Grimm
 
The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014
The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014
The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014Bastian Grimm
 
International Site Speed Tweaks - ISS 2017 Barcelona
International Site Speed Tweaks - ISS 2017 BarcelonaInternational Site Speed Tweaks - ISS 2017 Barcelona
International Site Speed Tweaks - ISS 2017 BarcelonaBastian Grimm
 
SEO Social Blog: Wordpress SEO with Joost de Valk
SEO Social Blog: Wordpress SEO with Joost de ValkSEO Social Blog: Wordpress SEO with Joost de Valk
SEO Social Blog: Wordpress SEO with Joost de ValkSEO Social Blog
 
Your WordPress Website Is/Not Hacked
Your WordPress Website Is/Not HackedYour WordPress Website Is/Not Hacked
Your WordPress Website Is/Not HackedAngela Bowman
 
Your WordPress Site is and is not Hacked - You don't know until you check
Your WordPress Site is and is not Hacked - You don't know until you checkYour WordPress Site is and is not Hacked - You don't know until you check
Your WordPress Site is and is not Hacked - You don't know until you checkAngela Bowman
 
Plugins at WordCamp Phoenix
Plugins at WordCamp PhoenixPlugins at WordCamp Phoenix
Plugins at WordCamp PhoenixAndrew Ryno
 
Really Awesome WordPress Plugins You Should Know About
Really Awesome WordPress Plugins You Should Know AboutReally Awesome WordPress Plugins You Should Know About
Really Awesome WordPress Plugins You Should Know AboutAngela Bowman
 
SEO Tips For Bloggers
SEO Tips For BloggersSEO Tips For Bloggers
SEO Tips For Bloggersguest3c5779
 
Whitehat Seo Tips For Bloggers
Whitehat Seo Tips For BloggersWhitehat Seo Tips For Bloggers
Whitehat Seo Tips For BloggersClaudio Juliana
 
Whitehat seo tips for bloggers
Whitehat seo tips for bloggersWhitehat seo tips for bloggers
Whitehat seo tips for bloggersimarketingtrends
 
Make your website load really really fast - seo campus 2017
Make your website load really really fast - seo campus 2017Make your website load really really fast - seo campus 2017
Make your website load really really fast - seo campus 2017SEO Camp Association
 
How I learned to stop worrying and love the .htaccess file
How I learned to stop worrying and love the .htaccess fileHow I learned to stop worrying and love the .htaccess file
How I learned to stop worrying and love the .htaccess fileRoxana Stingu
 
Don't sh** in the Pool
Don't sh** in the PoolDon't sh** in the Pool
Don't sh** in the PoolChris Jean
 
SMX Advanced 2018 SEO for Javascript Frameworks by Patrick Stox
SMX Advanced 2018 SEO for Javascript Frameworks by Patrick StoxSMX Advanced 2018 SEO for Javascript Frameworks by Patrick Stox
SMX Advanced 2018 SEO for Javascript Frameworks by Patrick Stoxpatrickstox
 
Joomla wireframing Template - Joomladay Netherlands 2014 #jd14nl
Joomla wireframing Template - Joomladay Netherlands 2014 #jd14nlJoomla wireframing Template - Joomladay Netherlands 2014 #jd14nl
Joomla wireframing Template - Joomladay Netherlands 2014 #jd14nlPhilip Locke
 
Joost's Wordpress Affiliate Session @ LAC 2010
Joost's Wordpress Affiliate Session @ LAC 2010Joost's Wordpress Affiliate Session @ LAC 2010
Joost's Wordpress Affiliate Session @ LAC 2010a4u
 
Prebrowsing - Velocity NY 2013
Prebrowsing - Velocity NY 2013Prebrowsing - Velocity NY 2013
Prebrowsing - Velocity NY 2013Steve Souders
 

Was ist angesagt? (20)

10 Tips to make your Website lightning-fast - SMX Stockholm 2012
10 Tips to make your Website lightning-fast - SMX Stockholm 201210 Tips to make your Website lightning-fast - SMX Stockholm 2012
10 Tips to make your Website lightning-fast - SMX Stockholm 2012
 
The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014
The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014
The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014
 
International Site Speed Tweaks - ISS 2017 Barcelona
International Site Speed Tweaks - ISS 2017 BarcelonaInternational Site Speed Tweaks - ISS 2017 Barcelona
International Site Speed Tweaks - ISS 2017 Barcelona
 
SEO Social Blog: Wordpress SEO with Joost de Valk
SEO Social Blog: Wordpress SEO with Joost de ValkSEO Social Blog: Wordpress SEO with Joost de Valk
SEO Social Blog: Wordpress SEO with Joost de Valk
 
Your WordPress Website Is/Not Hacked
Your WordPress Website Is/Not HackedYour WordPress Website Is/Not Hacked
Your WordPress Website Is/Not Hacked
 
Your WordPress Site is and is not Hacked - You don't know until you check
Your WordPress Site is and is not Hacked - You don't know until you checkYour WordPress Site is and is not Hacked - You don't know until you check
Your WordPress Site is and is not Hacked - You don't know until you check
 
Plugins at WordCamp Phoenix
Plugins at WordCamp PhoenixPlugins at WordCamp Phoenix
Plugins at WordCamp Phoenix
 
Really Awesome WordPress Plugins You Should Know About
Really Awesome WordPress Plugins You Should Know AboutReally Awesome WordPress Plugins You Should Know About
Really Awesome WordPress Plugins You Should Know About
 
CONSEJOS PARA OPTIMIZAR EL BLOG
CONSEJOS PARA OPTIMIZAR EL BLOGCONSEJOS PARA OPTIMIZAR EL BLOG
CONSEJOS PARA OPTIMIZAR EL BLOG
 
SEO Tips For Bloggers
SEO Tips For BloggersSEO Tips For Bloggers
SEO Tips For Bloggers
 
Matt
MattMatt
Matt
 
Whitehat Seo Tips For Bloggers
Whitehat Seo Tips For BloggersWhitehat Seo Tips For Bloggers
Whitehat Seo Tips For Bloggers
 
Whitehat seo tips for bloggers
Whitehat seo tips for bloggersWhitehat seo tips for bloggers
Whitehat seo tips for bloggers
 
Make your website load really really fast - seo campus 2017
Make your website load really really fast - seo campus 2017Make your website load really really fast - seo campus 2017
Make your website load really really fast - seo campus 2017
 
How I learned to stop worrying and love the .htaccess file
How I learned to stop worrying and love the .htaccess fileHow I learned to stop worrying and love the .htaccess file
How I learned to stop worrying and love the .htaccess file
 
Don't sh** in the Pool
Don't sh** in the PoolDon't sh** in the Pool
Don't sh** in the Pool
 
SMX Advanced 2018 SEO for Javascript Frameworks by Patrick Stox
SMX Advanced 2018 SEO for Javascript Frameworks by Patrick StoxSMX Advanced 2018 SEO for Javascript Frameworks by Patrick Stox
SMX Advanced 2018 SEO for Javascript Frameworks by Patrick Stox
 
Joomla wireframing Template - Joomladay Netherlands 2014 #jd14nl
Joomla wireframing Template - Joomladay Netherlands 2014 #jd14nlJoomla wireframing Template - Joomladay Netherlands 2014 #jd14nl
Joomla wireframing Template - Joomladay Netherlands 2014 #jd14nl
 
Joost's Wordpress Affiliate Session @ LAC 2010
Joost's Wordpress Affiliate Session @ LAC 2010Joost's Wordpress Affiliate Session @ LAC 2010
Joost's Wordpress Affiliate Session @ LAC 2010
 
Prebrowsing - Velocity NY 2013
Prebrowsing - Velocity NY 2013Prebrowsing - Velocity NY 2013
Prebrowsing - Velocity NY 2013
 

Andere mochten auch

Ne explanation of the last tenth of the quran
Ne explanation of the last tenth of the quranNe explanation of the last tenth of the quran
Ne explanation of the last tenth of the quranLoveofpeople
 
Tekijänoikeusaineistot luokittelutavan valinta
Tekijänoikeusaineistot luokittelutavan valintaTekijänoikeusaineistot luokittelutavan valinta
Tekijänoikeusaineistot luokittelutavan valintaSanna Brauer
 
Internationalizing Ubuntu apps
Internationalizing Ubuntu appsInternationalizing Ubuntu apps
Internationalizing Ubuntu appsDavid Planella
 
Rasmus Lassen, Byggechef i Københavns Ejendomme
Rasmus Lassen, Byggechef i Københavns EjendommeRasmus Lassen, Byggechef i Københavns Ejendomme
Rasmus Lassen, Byggechef i Københavns EjendommeMikkel Rohde Madsen
 
Ciencias del Deporte
Ciencias del Deporte Ciencias del Deporte
Ciencias del Deporte Erika_Bello
 
Generalsekretærfrokost 23.05.16
Generalsekretærfrokost 23.05.16Generalsekretærfrokost 23.05.16
Generalsekretærfrokost 23.05.16Frivillighet Norge
 
BIM ir SOLIDWORKS
BIM ir SOLIDWORKSBIM ir SOLIDWORKS
BIM ir SOLIDWORKSIN RE UAB
 
“Η Logo στην εκπαίδευση: Μια κοινότητα πρακτικής και μάθησης” - i2fest 2015
“Η Logo στην εκπαίδευση: Μια κοινότητα πρακτικής και μάθησης” - i2fest 2015“Η Logo στην εκπαίδευση: Μια κοινότητα πρακτικής και μάθησης” - i2fest 2015
“Η Logo στην εκπαίδευση: Μια κοινότητα πρακτικής και μάθησης” - i2fest 2015Katerina Glezou
 
SOLIDWORKS Plastics LT
SOLIDWORKS Plastics LTSOLIDWORKS Plastics LT
SOLIDWORKS Plastics LTIN RE UAB
 
Agep welcome leipzig
Agep welcome leipzigAgep welcome leipzig
Agep welcome leipzigbfnd
 
history of cinema powerpoint in Malayalam
history of cinema powerpoint in Malayalamhistory of cinema powerpoint in Malayalam
history of cinema powerpoint in MalayalamAndur Sahadevan
 
KM-Report may-2015
KM-Report may-2015KM-Report may-2015
KM-Report may-2015Mobidays
 
Motivarea si evaluarea angajaților
Motivarea si evaluarea angajațilorMotivarea si evaluarea angajaților
Motivarea si evaluarea angajațilorOdooRomania
 
Content marketing: Sjarlatan eller superhelt?
Content marketing: Sjarlatan eller superhelt?Content marketing: Sjarlatan eller superhelt?
Content marketing: Sjarlatan eller superhelt?Sindre Holme
 
Quien sera
Quien seraQuien sera
Quien serafrani
 
e ID
e IDe ID
e ID
 
Российский фронт битвы гигантов
Российский фронт битвы гигантовРоссийский фронт битвы гигантов
Российский фронт битвы гигантовMik Chernomordikov
 
British Royal House
British Royal HouseBritish Royal House
British Royal HouseLorena GL
 

Andere mochten auch (20)

Ne explanation of the last tenth of the quran
Ne explanation of the last tenth of the quranNe explanation of the last tenth of the quran
Ne explanation of the last tenth of the quran
 
Tekijänoikeusaineistot luokittelutavan valinta
Tekijänoikeusaineistot luokittelutavan valintaTekijänoikeusaineistot luokittelutavan valinta
Tekijänoikeusaineistot luokittelutavan valinta
 
Internationalizing Ubuntu apps
Internationalizing Ubuntu appsInternationalizing Ubuntu apps
Internationalizing Ubuntu apps
 
Rasmus Lassen, Byggechef i Københavns Ejendomme
Rasmus Lassen, Byggechef i Københavns EjendommeRasmus Lassen, Byggechef i Københavns Ejendomme
Rasmus Lassen, Byggechef i Københavns Ejendomme
 
Ciencias del Deporte
Ciencias del Deporte Ciencias del Deporte
Ciencias del Deporte
 
Generalsekretærfrokost 23.05.16
Generalsekretærfrokost 23.05.16Generalsekretærfrokost 23.05.16
Generalsekretærfrokost 23.05.16
 
BIM ir SOLIDWORKS
BIM ir SOLIDWORKSBIM ir SOLIDWORKS
BIM ir SOLIDWORKS
 
“Η Logo στην εκπαίδευση: Μια κοινότητα πρακτικής και μάθησης” - i2fest 2015
“Η Logo στην εκπαίδευση: Μια κοινότητα πρακτικής και μάθησης” - i2fest 2015“Η Logo στην εκπαίδευση: Μια κοινότητα πρακτικής και μάθησης” - i2fest 2015
“Η Logo στην εκπαίδευση: Μια κοινότητα πρακτικής και μάθησης” - i2fest 2015
 
SOLIDWORKS Plastics LT
SOLIDWORKS Plastics LTSOLIDWORKS Plastics LT
SOLIDWORKS Plastics LT
 
Agep welcome leipzig
Agep welcome leipzigAgep welcome leipzig
Agep welcome leipzig
 
history of cinema powerpoint in Malayalam
history of cinema powerpoint in Malayalamhistory of cinema powerpoint in Malayalam
history of cinema powerpoint in Malayalam
 
KM-Report may-2015
KM-Report may-2015KM-Report may-2015
KM-Report may-2015
 
Motivarea si evaluarea angajaților
Motivarea si evaluarea angajațilorMotivarea si evaluarea angajaților
Motivarea si evaluarea angajaților
 
Content marketing: Sjarlatan eller superhelt?
Content marketing: Sjarlatan eller superhelt?Content marketing: Sjarlatan eller superhelt?
Content marketing: Sjarlatan eller superhelt?
 
Quien sera
Quien seraQuien sera
Quien sera
 
e ID
e IDe ID
e ID
 
vmchecker @SCS
vmchecker @SCSvmchecker @SCS
vmchecker @SCS
 
Российский фронт битвы гигантов
Российский фронт битвы гигантовРоссийский фронт битвы гигантов
Российский фронт битвы гигантов
 
British Royal House
British Royal HouseBritish Royal House
British Royal House
 
CCR&R Part Two (Planning)
CCR&R Part Two (Planning)CCR&R Part Two (Planning)
CCR&R Part Two (Planning)
 

Ähnlich wie Hardening WordPress - Friends of Search 2014 (WordPress Security)

Securing Word Press Blog
Securing Word Press BlogSecuring Word Press Blog
Securing Word Press BlogChetan Gole
 
Complete Wordpress Security By CHETAN SONI - Cyber Security Expert
Complete Wordpress Security By CHETAN SONI - Cyber Security ExpertComplete Wordpress Security By CHETAN SONI - Cyber Security Expert
Complete Wordpress Security By CHETAN SONI - Cyber Security ExpertChetan Soni
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User SecurityDre Armeda
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home OwnershipDenise (Dee) Teal
 
Security Presentation for Boulder WordPress Meetup
Security Presentation for Boulder WordPress MeetupSecurity Presentation for Boulder WordPress Meetup
Security Presentation for Boulder WordPress MeetupAngela Bowman
 
Developers, Be a Bada$$ with WP-CLI
Developers, Be a Bada$$ with WP-CLIDevelopers, Be a Bada$$ with WP-CLI
Developers, Be a Bada$$ with WP-CLIWP Engine
 
Wordpress Security & Hardening Steps
Wordpress Security & Hardening StepsWordpress Security & Hardening Steps
Wordpress Security & Hardening StepsPlasterdog Web Design
 
Locking Down Your WordPress Site
Locking Down Your WordPress SiteLocking Down Your WordPress Site
Locking Down Your WordPress SiteFrank Corso
 
Wordpress security issues
Wordpress security issuesWordpress security issues
Wordpress security issuesDeepu Thomas
 
WordPress Optimization & Security - LAC 2013, London
WordPress Optimization & Security - LAC 2013, LondonWordPress Optimization & Security - LAC 2013, London
WordPress Optimization & Security - LAC 2013, LondonBastian Grimm
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutSiteGround.com
 
WordPress Security - WordCamp NYC 2009
WordPress Security - WordCamp NYC 2009WordPress Security - WordCamp NYC 2009
WordPress Security - WordCamp NYC 2009Brad Williams
 
WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009Brad Williams
 
WordPress Security Presentation
WordPress Security PresentationWordPress Security Presentation
WordPress Security PresentationAndrew Paton
 
Advanced WordPress Optimization - iGaming Supershow 2012
Advanced WordPress Optimization - iGaming Supershow 2012Advanced WordPress Optimization - iGaming Supershow 2012
Advanced WordPress Optimization - iGaming Supershow 2012Bastian Grimm
 
Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress SecurityNile Flores
 
How to Increase Security on your Wordpress Website
How to Increase Security on your Wordpress WebsiteHow to Increase Security on your Wordpress Website
How to Increase Security on your Wordpress WebsiteMeganGood12
 

Ähnlich wie Hardening WordPress - Friends of Search 2014 (WordPress Security) (20)

Securing Word Press Blog
Securing Word Press BlogSecuring Word Press Blog
Securing Word Press Blog
 
Complete Wordpress Security By CHETAN SONI - Cyber Security Expert
Complete Wordpress Security By CHETAN SONI - Cyber Security ExpertComplete Wordpress Security By CHETAN SONI - Cyber Security Expert
Complete Wordpress Security By CHETAN SONI - Cyber Security Expert
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home Ownership
 
Security Presentation for Boulder WordPress Meetup
Security Presentation for Boulder WordPress MeetupSecurity Presentation for Boulder WordPress Meetup
Security Presentation for Boulder WordPress Meetup
 
Developers, Be a Bada$$ with WP-CLI
Developers, Be a Bada$$ with WP-CLIDevelopers, Be a Bada$$ with WP-CLI
Developers, Be a Bada$$ with WP-CLI
 
Wordpress Security & Hardening Steps
Wordpress Security & Hardening StepsWordpress Security & Hardening Steps
Wordpress Security & Hardening Steps
 
Locking Down Your WordPress Site
Locking Down Your WordPress SiteLocking Down Your WordPress Site
Locking Down Your WordPress Site
 
Wordpress security issues
Wordpress security issuesWordpress security issues
Wordpress security issues
 
WordPress Optimization & Security - LAC 2013, London
WordPress Optimization & Security - LAC 2013, LondonWordPress Optimization & Security - LAC 2013, London
WordPress Optimization & Security - LAC 2013, London
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
 
WordPress Security
WordPress SecurityWordPress Security
WordPress Security
 
WordPress Security - WordCamp NYC 2009
WordPress Security - WordCamp NYC 2009WordPress Security - WordCamp NYC 2009
WordPress Security - WordCamp NYC 2009
 
Killer word press-checklist
Killer word press-checklistKiller word press-checklist
Killer word press-checklist
 
WordPress Security
WordPress Security WordPress Security
WordPress Security
 
WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009WordPress Security Updated - NYC Meetup 2009
WordPress Security Updated - NYC Meetup 2009
 
WordPress Security Presentation
WordPress Security PresentationWordPress Security Presentation
WordPress Security Presentation
 
Advanced WordPress Optimization - iGaming Supershow 2012
Advanced WordPress Optimization - iGaming Supershow 2012Advanced WordPress Optimization - iGaming Supershow 2012
Advanced WordPress Optimization - iGaming Supershow 2012
 
Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress Security
 
How to Increase Security on your Wordpress Website
How to Increase Security on your Wordpress WebsiteHow to Increase Security on your Wordpress Website
How to Increase Security on your Wordpress Website
 

Mehr von Bastian Grimm

Migration Best Practices - Peak Ace on Air
Migration Best Practices - Peak Ace on AirMigration Best Practices - Peak Ace on Air
Migration Best Practices - Peak Ace on AirBastian Grimm
 
SEOday Köln 2020 - Surprise, Surprise - 5 SEO secrets
SEOday Köln 2020 - Surprise, Surprise - 5 SEO secretsSEOday Köln 2020 - Surprise, Surprise - 5 SEO secrets
SEOday Köln 2020 - Surprise, Surprise - 5 SEO secretsBastian Grimm
 
Technical SEO vs. User Experience - Bastian Grimm, Peak Ace AG
Technical SEO vs. User Experience - Bastian Grimm, Peak Ace AGTechnical SEO vs. User Experience - Bastian Grimm, Peak Ace AG
Technical SEO vs. User Experience - Bastian Grimm, Peak Ace AGBastian Grimm
 
Advanced data-driven technical SEO - SMX London 2019
Advanced data-driven technical SEO - SMX London 2019Advanced data-driven technical SEO - SMX London 2019
Advanced data-driven technical SEO - SMX London 2019Bastian Grimm
 
Migration Best Practices - SMX West 2019
Migration Best Practices - SMX West 2019Migration Best Practices - SMX West 2019
Migration Best Practices - SMX West 2019Bastian Grimm
 
Migration Best Practices - Search Y 2019, Paris
Migration Best Practices - Search Y 2019, ParisMigration Best Practices - Search Y 2019, Paris
Migration Best Practices - Search Y 2019, ParisBastian Grimm
 
Migration Best Practices - SEOkomm 2018
Migration Best Practices - SEOkomm 2018Migration Best Practices - SEOkomm 2018
Migration Best Practices - SEOkomm 2018Bastian Grimm
 
Data-driven Technical SEO: Logfile Auditing - SEOkomm 2018
Data-driven Technical SEO: Logfile Auditing - SEOkomm 2018Data-driven Technical SEO: Logfile Auditing - SEOkomm 2018
Data-driven Technical SEO: Logfile Auditing - SEOkomm 2018Bastian Grimm
 
The need for Speed: Advanced #webperf - SEOday 2018
The need for Speed: Advanced #webperf - SEOday 2018The need for Speed: Advanced #webperf - SEOday 2018
The need for Speed: Advanced #webperf - SEOday 2018Bastian Grimm
 
OK Google, Whats next? - OMT Wiesbaden 2018
OK Google, Whats next? - OMT Wiesbaden 2018OK Google, Whats next? - OMT Wiesbaden 2018
OK Google, Whats next? - OMT Wiesbaden 2018Bastian Grimm
 
Super speed around the globe - SearchLeeds 2018
Super speed around the globe - SearchLeeds 2018Super speed around the globe - SearchLeeds 2018
Super speed around the globe - SearchLeeds 2018Bastian Grimm
 
Migration Best Practices - SMX London 2018
Migration Best Practices - SMX London 2018Migration Best Practices - SMX London 2018
Migration Best Practices - SMX London 2018Bastian Grimm
 
Welcome to a new reality - DeepCrawl Webinar 2018
Welcome to a new reality - DeepCrawl Webinar 2018Welcome to a new reality - DeepCrawl Webinar 2018
Welcome to a new reality - DeepCrawl Webinar 2018Bastian Grimm
 
Web Performance Madness - brightonSEO 2018
Web Performance Madness - brightonSEO 2018Web Performance Madness - brightonSEO 2018
Web Performance Madness - brightonSEO 2018Bastian Grimm
 
Digitale Assistenzsysteme - SMX München 2018
Digitale Assistenzsysteme - SMX München 2018Digitale Assistenzsysteme - SMX München 2018
Digitale Assistenzsysteme - SMX München 2018Bastian Grimm
 
AMP - SMX München 2018
AMP - SMX München 2018AMP - SMX München 2018
AMP - SMX München 2018Bastian Grimm
 
How fast is fast enough - SMX West 2018
How fast is fast enough - SMX West 2018How fast is fast enough - SMX West 2018
How fast is fast enough - SMX West 2018Bastian Grimm
 
Whats Next in SEO & CRO - 3XE Conference 2018 Dublin
Whats Next in SEO & CRO - 3XE Conference 2018 DublinWhats Next in SEO & CRO - 3XE Conference 2018 Dublin
Whats Next in SEO & CRO - 3XE Conference 2018 DublinBastian Grimm
 
Migration Best-Practices: So gelingt der erfolgreiche Relaunch - SEOkomm 2017
Migration Best-Practices: So gelingt der erfolgreiche Relaunch - SEOkomm 2017Migration Best-Practices: So gelingt der erfolgreiche Relaunch - SEOkomm 2017
Migration Best-Practices: So gelingt der erfolgreiche Relaunch - SEOkomm 2017Bastian Grimm
 
Digitale Assistenten - OMX 2017
Digitale Assistenten - OMX 2017Digitale Assistenten - OMX 2017
Digitale Assistenten - OMX 2017Bastian Grimm
 

Mehr von Bastian Grimm (20)

Migration Best Practices - Peak Ace on Air
Migration Best Practices - Peak Ace on AirMigration Best Practices - Peak Ace on Air
Migration Best Practices - Peak Ace on Air
 
SEOday Köln 2020 - Surprise, Surprise - 5 SEO secrets
SEOday Köln 2020 - Surprise, Surprise - 5 SEO secretsSEOday Köln 2020 - Surprise, Surprise - 5 SEO secrets
SEOday Köln 2020 - Surprise, Surprise - 5 SEO secrets
 
Technical SEO vs. User Experience - Bastian Grimm, Peak Ace AG
Technical SEO vs. User Experience - Bastian Grimm, Peak Ace AGTechnical SEO vs. User Experience - Bastian Grimm, Peak Ace AG
Technical SEO vs. User Experience - Bastian Grimm, Peak Ace AG
 
Advanced data-driven technical SEO - SMX London 2019
Advanced data-driven technical SEO - SMX London 2019Advanced data-driven technical SEO - SMX London 2019
Advanced data-driven technical SEO - SMX London 2019
 
Migration Best Practices - SMX West 2019
Migration Best Practices - SMX West 2019Migration Best Practices - SMX West 2019
Migration Best Practices - SMX West 2019
 
Migration Best Practices - Search Y 2019, Paris
Migration Best Practices - Search Y 2019, ParisMigration Best Practices - Search Y 2019, Paris
Migration Best Practices - Search Y 2019, Paris
 
Migration Best Practices - SEOkomm 2018
Migration Best Practices - SEOkomm 2018Migration Best Practices - SEOkomm 2018
Migration Best Practices - SEOkomm 2018
 
Data-driven Technical SEO: Logfile Auditing - SEOkomm 2018
Data-driven Technical SEO: Logfile Auditing - SEOkomm 2018Data-driven Technical SEO: Logfile Auditing - SEOkomm 2018
Data-driven Technical SEO: Logfile Auditing - SEOkomm 2018
 
The need for Speed: Advanced #webperf - SEOday 2018
The need for Speed: Advanced #webperf - SEOday 2018The need for Speed: Advanced #webperf - SEOday 2018
The need for Speed: Advanced #webperf - SEOday 2018
 
OK Google, Whats next? - OMT Wiesbaden 2018
OK Google, Whats next? - OMT Wiesbaden 2018OK Google, Whats next? - OMT Wiesbaden 2018
OK Google, Whats next? - OMT Wiesbaden 2018
 
Super speed around the globe - SearchLeeds 2018
Super speed around the globe - SearchLeeds 2018Super speed around the globe - SearchLeeds 2018
Super speed around the globe - SearchLeeds 2018
 
Migration Best Practices - SMX London 2018
Migration Best Practices - SMX London 2018Migration Best Practices - SMX London 2018
Migration Best Practices - SMX London 2018
 
Welcome to a new reality - DeepCrawl Webinar 2018
Welcome to a new reality - DeepCrawl Webinar 2018Welcome to a new reality - DeepCrawl Webinar 2018
Welcome to a new reality - DeepCrawl Webinar 2018
 
Web Performance Madness - brightonSEO 2018
Web Performance Madness - brightonSEO 2018Web Performance Madness - brightonSEO 2018
Web Performance Madness - brightonSEO 2018
 
Digitale Assistenzsysteme - SMX München 2018
Digitale Assistenzsysteme - SMX München 2018Digitale Assistenzsysteme - SMX München 2018
Digitale Assistenzsysteme - SMX München 2018
 
AMP - SMX München 2018
AMP - SMX München 2018AMP - SMX München 2018
AMP - SMX München 2018
 
How fast is fast enough - SMX West 2018
How fast is fast enough - SMX West 2018How fast is fast enough - SMX West 2018
How fast is fast enough - SMX West 2018
 
Whats Next in SEO & CRO - 3XE Conference 2018 Dublin
Whats Next in SEO & CRO - 3XE Conference 2018 DublinWhats Next in SEO & CRO - 3XE Conference 2018 Dublin
Whats Next in SEO & CRO - 3XE Conference 2018 Dublin
 
Migration Best-Practices: So gelingt der erfolgreiche Relaunch - SEOkomm 2017
Migration Best-Practices: So gelingt der erfolgreiche Relaunch - SEOkomm 2017Migration Best-Practices: So gelingt der erfolgreiche Relaunch - SEOkomm 2017
Migration Best-Practices: So gelingt der erfolgreiche Relaunch - SEOkomm 2017
 
Digitale Assistenten - OMX 2017
Digitale Assistenten - OMX 2017Digitale Assistenten - OMX 2017
Digitale Assistenten - OMX 2017
 

Kürzlich hochgeladen

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Kürzlich hochgeladen (20)

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 

Hardening WordPress - Friends of Search 2014 (WordPress Security)

  • 1. FRIENDS OF SEARCH HARDENING WORDPRESS VARIOUS TWEAKS FOR BETTER WP SECURITY
  • 2. WHAT REALLY MATTERS: TOP 3! IF YOU HAVE 5 MINS TO SPARE, JUST DO THESE…
  • 3. #1 Update your blogs regularly! http://wordpress.org/extend/plugins/wp-updates-notifier/
  • 4. Change update behavior… Be sure to REALLY know what you’re doing there…! # Disables ALL core updates: define('WP_AUTO_UPDATE_CORE', false); # Enables all core updates, including minor and majors: define('WP_AUTO_UPDATE_CORE', true); # Default: Enables core updates for minor releases: define('WP_AUTO_UPDATE_CORE', 'minor'); Want something more fine-grained? Check AUTO_UPDATE_$TYPE filter (e.g. auto_update_plugin, auto_update_theme, etc.) which is used for specific updates. http://github.com/georgestephanis/update-control/
  • 7. #2 Get rid of stuff you don’t use! Remove all inactive plug-ins as well as themes!
  • 8. #3 Backup Database & Files, often! http://wordpress.org/extend/plugins/backwpup/
  • 9. SECURITY STARTS AT SETUP MAKE THINGS RIGHT FROM THE BEGINNING…!
  • 10. #4 Setup WordPress properly Use unique keys and salts to add random elements for encryption! Use a cryptic prefix to prevent automated scripts and SQL injections. $table_prefix = ‘wp_VzQCxSJv7uL_ ‘; https://api.wordpress.org/secret-key/1.1/salt/
  • 11. #5 Protect your wp-config.php <files wp-config.php> order deny,allow deny from all </files> This needs to go into your WP roots’ .htaccess file to prevent external access Even better… move wpconfig.php outside of „www“. Also do chmod 400/440
  • 12. #6 Remove the default „admin“ Setup new user as admin; logout. Login w/ new admin; delete old one. Make sure to use a STRONG password, pleeaaasssseeee! http://www.random.org/passwords/
  • 13. #7 Protect your Login (and wp-admin) Recommended: Try the “Lockdown WP Admin” plug-in to protect PHP files in wpadmin as well as the login itself. Don’t just put an .htaccess for basic passwd. protection. It’s a lot of pain… http://wordpress.org/extend/plugins/lockdown-wp-admin/
  • 14. #8 Lock-out multiple failed logins Limit Login Attempts http://wordpress.org/extend/plugins/limit-login-attempts/
  • 15. #9 Even better: Two-factor Verification Info: http://gdig.de/1t - Download: http://gdig.de/1u
  • 16. #9 Even better: Two-factor Verification Google Authenticator http://wordpress.org/plugins/google-authenticator/
  • 17. #9 Even better: Two-factor Verification Provide your login credentials and get auth-code from your mobile phones‘ G-Auth-App.
  • 21. #10 Block malicious URL requests domain.com/?q=%2e%2e or domain.com/path/base64_ will return HTTP 403 (Forbidden). http://wordpress.org/plugins/block-bad-queries/
  • 22. ADDITIONAL TWEAKS THINGS YOU COULD DO IN YOUR CONFIG AS WELL…
  • 23. #11 SSL Logins & Administration define('FORCE_SSL_LOGIN', true); Set FORCE_SSL_LOGIN to “true” to force all logins to happen over SSL. (still allows non-SSL admin sessions) define('FORCE_SSL_ADMIN', true); Use FORCE_SSL_ADMIN to force all logins and all admin sessions to happen over SSL (can be slow…)
  • 24. #12 Move the “wp-content” folder define('WP_CONTENT_DIR', $_SERVER['DOCUMENT_ROOT'].'/blog/my-wp-content'); WP_CONTENT_DIR points to “new” the full local path (no trailing slash) define('WP_CONTENT_URL', 'http://domain.com/blog/my-wp-content'); WP_CONTENT_URL points to “new” full URI (no trailing slash either)
  • 25. #13 Disable File Editing define('DISALLOW_FILE_EDIT', true); Set DISALLOW_FILE_EDIT to “true” to disable editing files from dashboard. By default, admins are allowed to edit PHP files. Setting the above is equivalent to removing the 'edit_themes', 'edit_plugins' and 'edit_files' capabilities of all users.
  • 26. #14 Fix File & Folder Permissions WP-Security Scan Very important: chmod your wp-config.php to be read-only! http://wordpress.org/extend/plugins/wp-security-scan/
  • 29. @basgr SEO Trainings, Seminars & Strategy Consulting Berlin-based Full-Service Performance Marketing Agency WordPress Security, Consulting & Development www.bg.vu/fos14