Presentation slides used for Arizona WordPress Group meetup about WordPress security.

1. WordPress Security Understand and prevent security issues on your WP install.

2. WordPress Security Meetup Topics Why do hackers do what they do? What are the effects of a hack? How can a hack affect you? Hacks are confusing events. Securing WordPress: Prevent your install from being hacked.

3. Why Do Hackers Do What They Do? Money from affiliate links they inject into site Push link juice to their own sites Challenge / conquest Because they can…. To send spam email from server

4. What Are the Effects of a Hack? Insertion of links into pages and posts. Links are often hidden so you do not see them or cloaked so that only search engine spiders / googlebots see them. Redirection of posts and pages Example: Latest Media Temple Update: http://weblog.mediatemple.net/weblog/2010/07/16/1404-wordpress-redirect-exploit-2/

5. How Can a Hack Affect You? Loss of rankings, ban by search engines Destruction of your online presence > Loss of credibility Loss of revenue from online sales Financial and time cost of fixing hack

6. Hacks Are Confusing Events Since there are many factors involved in how a hacker or exploit can gain entry, there is often confusion / misinformation about how hacks occur. It is not uncommon for hosts to blame WordPress when in fact the host is to blame for a security issue Pharma hack: Only search bots are served hacked pages, so hacked pages are cloaked, so you will not see your pages showing any signs of issues. Only after you notice a loss of rankings will the issue be brought to the surface, weeks or months after the initial hack.

7. Securing WordPress: Prevention 1) Keep install, plugins, themes and scripts up to date New 3.0 Update Feature makes updating easier than ever 2) Use caution when choosing plugins to use: Mo plugins, mo problems! Poorly written plugins can pose security risks Old Plugins may not be updated regularly, check to make sure that plugin is updated on a regular basis

8. Securing WordPress: Prevention 3) Maintain regular backups of root folder Via FTP: Free FTP client http://filezilla-project.org/ Create cron jobs to automate backing up folders: You can choose backup schedule, what to backup and where to bakcup http://wpmu.org/new-years-resolution-automate-wordpress-wpmu-backups-check/

9. Securing WordPress: Prevention 4) Maintain regular backups of database WP-DBManager: http://wordpress.org/extend/plugins/wp-dbmanager/ Enables you to automate backups and optimizations and restore directly from dashboard, bypassing PHPMyAdmin 5) Use correct file permissions Use FTP client or cpanel file manager WordPress defaults to 644 for files and 755 permissions for folders

10. Securing WordPress: Prevention 6) Choose the right host Godaddy and other large hosts are bigger targets for hackers and don’t have the best record of being pro-active when they have been compromised 7) Use strong passwords and change regularly 8) Remove unused plugins and themes 9) Use file monitor to be notified of file changes: http://wordpress.org/extend/plugins/wordpress-file-monitor/

11. Typical Hack Repair Steps: (PharmaHack example) Locate and remove hacked 404.php file Locate and remove hacked content from database Replace entire set of salt keys Upload new WordPress files Restore previous versions of other files Restore database to previous version

12. Source Articles / Add. Resources WordPress Security Resources My site was hacked: WordPress Codex WordPress Security Lockdown Learn about backdoors Monitor files changes How to Fix Hacked Install / Remove Malware Removing Malware From a WordPress Blog Doncha's guide to dealing with a hacked website How To Clean a Hacked Install