We will cover how to create a secure WordPress environment, including an overview of security plugins, and backup solutions. We’ll provide numerous tips to help you keep your WordPress environments secure.
We’ll also cover some introductory WordPress performance settings. This will not be a very technical or detailed overview, but will include tips and techniques that most WordPress users can follow to improve their site’s performance.
6. Copyright & trademark ClickHOST.com
Personal Security
•Use https access where possible
•Don’t use public (including Starbucks) WiFi
unless you have to.
•Remember your smart phone connects
automatically
•Make sure you use a industrial strength spam
filter like, Gmail or SpamExperts.
6
7. Copyright & trademark ClickHOST.com
Personal Security
•Use a Password Manager
•LastPass
•Backup!
•Local -TimeMachine
•Cloud - Crashplan
7
8. Copyright & trademark ClickHOST.com
Backup Basics
8
• What is a backup?
•Reliable recent copy of your website.
•Should be easy to restore from your backup.
• Why should I backup?
•Bad things happen, especially in the WWW = wild, wild west.
• How often & when should I backup?
•Before any major updates to your website
•Before updating WordPress, plugins or themes
•Daily,Weekly, Monthly.
•1-2 different backup copies.
9. Copyright & trademark ClickHOST.com
Website Security Myths
• 1:Who would want to hack my website
• 2: I will see when my website is hacked
• 3: My website is 100% secure
• 4: My hosting provider will have a backup for me
• 5: I use strong passwords -- I’m ok
9
12. Copyright & trademark ClickHOST.com
WordPress Security
12
• Don’t use admin as your username.
• This is the default when installing
• Almost as bad as using password for your password :)
• How to fix this!
• Create a new administrator user.
• Log out, then log in as the new admin user.
• Delete the old “admin” user.
13. Copyright & trademark ClickHOST.com
WordPress Security Plugins
• Most include:
• One-click hardening
• File monitoring
• Personal Firewall (IP blocking)
• Install at least one Security plugin
• Sucuri
• iThemes
• Wordfence
• Akismet for spam control
• Tip: Set Alerts only for successful actions. Not failed actions.
13
16. Copyright & trademark ClickHOST.com
WordPress Stack
•To understand WordPress performance, you
need to understand the WordPress stack.
•HTML/PHP
•MYSQL
•Linux
•Which component is the slowest?
•WordPress content is mostly dynamically
generated version static HTML.
16
17. Copyright & trademark ClickHOST.com
Should I use a CDN?
•What is a CDN?
•Content Deliver Network.
•Requested resources are geographically closer to you.
•Why should you use a CDN?
•Users in different parts of the world.
•Need faster loading.
•Answer: It depends…
17