WORDPRESS
SECURITY & PERFORMANCE
A BEGINNER’S GUIDE
Carel Bekker: President/Owner
Copyright & trademark ClickHOST.com
What we’ll cover
ClickHOST Overview
WordPress Security tips
WordPress performance tips
ClickHOST
Blazing fast & secure Website Hosting based on SSD storage
WordPress Hosting
Flex/VPS Hosting
Domain Names
Amazon Web Services Managed Hosting
Free Malware monitoring
Free Premium Spam Filtering
Free Cloudflare WAF
Personal Security
Web Hosting
WordPress
Personal Security
• Use HTTPS access where possible.
• Don’t use public (including Starbucks) WiFi unless you have to.
• Remember that your smartphone connects automatically.
• Make sure you use an industrial-strength spam filter, like Gmail or SpamExperts.
Personal Security
• Use a Password Manager
  • LastPass
• Backup!
  • Local - Time Machine
  • Cloud - CrashPlan
Backup Basics
• What is a backup?
  • Reliable recent copy of your website.
  • Should be easy to restore from your backup.
• Why should I back up?
  • Bad things happen, especially in the WWW = wild, wild west.
• How often & when should I back up?
  • Before any major updates to your website
  • Before updating WordPress, plugins or themes
  • Daily, weekly, monthly.
  • 1-2 different backup copies.
Website Security Myths
• 1: Who would want to hack my website?
• 2: I will see when my website is hacked
• 3: My website is 100% secure
• 4: My hosting provider will have a backup for me
• 5: I use strong passwords -- I’m ok
Top Tips to
Secure WordPress
WordPress Security
• Easy tips:
• Update!
• Limit access to wp-admin.
• Change wp-admin URL.
• Avoid potential cross contamination.
• Delete unused WordPress installations.
• Delete unused themes
• Deactivate and delete unused plugins
• JetPack -> Protect
WordPress Security
• Don’t use admin as your username.
  • This is the default when installing
  • Almost as bad as using password for your password :)
• How to fix this!
  • Create a new administrator user.
  • Log out, then log in as the new admin user.
  • Delete the old “admin” user.
WordPress Security Plugins
• Most include:
  • One-click hardening
  • File monitoring
  • Personal Firewall (IP blocking)
• Install at least one Security plugin
  • Sucuri
  • iThemes
  • Wordfence
• Akismet for spam control
• Tip: Set alerts only for successful actions, not failed actions.
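The alerting tip above, applied to a web-server access log instead of a plugin setting, as an added example that is not part of the original slides: failed wp-login.php attempts are only counted, and an alert is raised for each successful login. It assumes combined log format and that WordPress answers an accepted login POST with a 302 redirect and a rejected one with 200; the log lines, IP addresses and the `known_admin_ips` parameter are constructed for illustration.

```python
import re
from collections import Counter

# Combined Log Format: ip ident user [time] "METHOD path PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:02:11:01 +0000] "POST /wp-login.php HTTP/1.1" 200 4512 "-" "curl/8.0"
203.0.113.7 - - [10/Mar/2024:02:11:02 +0000] "POST /wp-login.php HTTP/1.1" 200 4512 "-" "curl/8.0"
192.0.2.55 - - [10/Mar/2024:02:11:03 +0000] "POST /wp-login.php HTTP/1.1" 200 4512 "-" "python-requests/2.31"
203.0.113.7 - - [10/Mar/2024:02:11:04 +0000] "POST /wp-login.php HTTP/1.1" 200 4512 "-" "curl/8.0"
192.0.2.55 - - [10/Mar/2024:02:11:05 +0000] "POST /wp-login.php HTTP/1.1" 200 4512 "-" "python-requests/2.31"
203.0.113.7 - - [10/Mar/2024:02:11:06 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "curl/8.0"
192.0.2.55 - - [10/Mar/2024:02:12:00 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 0 "-" "python-requests/2.31"
198.51.100.20 - - [10/Mar/2024:09:15:00 +0000] "GET /wp-login.php HTTP/1.1" 200 4300 "-" "Mozilla/5.0"
198.51.100.20 - - [10/Mar/2024:09:15:02 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""


def classify_logins(lines, known_admin_ips=frozenset()):
    """Return (alerts, failures): one alert per successful login, plus a
    per-IP count of failed attempts that is kept for context only."""
    alerts, failures = [], Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue  # unparsable line, or just a view of the login form
        path, _, query = m["path"].partition("?")
        if not path.endswith("/wp-login.php"):
            continue
        if "action=" in query:
            continue  # lostpassword, logout etc. also redirect; not a login
        ip = m["ip"]
        if m["status"] == "302":  # assumption: redirect means login accepted
            prior = failures[ip]
            alerts.append({
                "ip": ip,
                "time": m["time"],
                "prior_failures": prior,
                # Worth a human look: unfamiliar source, or guessed its way in.
                "suspicious": ip not in known_admin_ips or prior > 0,
            })
        elif m["status"] == "200":  # assumption: form shown again means failure
            failures[ip] += 1
    return alerts, failures


if __name__ == "__main__":
    alerts, failures = classify_logins(
        SAMPLE_LOG.splitlines(), known_admin_ips={"198.51.100.20"}
    )
    for a in alerts:
        flag = "REVIEW" if a["suspicious"] else "ok"
        print(f'{flag}: login from {a["ip"]} at {a["time"]} '
              f'after {a["prior_failures"]} failed attempts')
    print("failed attempts (counted, not alerted):", dict(failures))
```

Five failed attempts in the sample produce no alert at all; the two successful logins do, and only the one preceded by failures from an unfamiliar address is flagged for review.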
WAF
• WAF: Web Application Firewall
  • Sucuri CloudProxy
  • Cloudflare
  • AWS WAF
• Note: All traffic flows via the WAF
WordPress
performance tips
WordPress Stack
• To understand WordPress performance, you need to understand the WordPress stack.
  • HTML/PHP
  • MySQL
  • Linux
• Which component is the slowest?
• WordPress content is mostly dynamically generated versus static HTML.
Should I use a CDN?
• What is a CDN?
  • Content Delivery Network.
  • Requested resources are geographically closer to you.
• Why should you use a CDN?
  • Users in different parts of the world.
  • Need faster loading.
• Answer: It depends…
CDNs
• Cloudflare
• Akamai
• MaxCDN
• Amazon CloudFront
• Great tip: JetPack Photon. Images only.
Caching
• What is caching?
  • Load cached version of HTML from memory.
• Minify JavaScript, CSS files — compress & combine.
• Use basic settings for best performance.
• Plugins:
  • W3 Total Cache
  • SuperCache
  • WP Rocket
Easy Performance tips
• Use SSD hosting for fast DB access
• Enable gzip compression
• Fewer plugins are better
• Deactivate rarely used plugins.
• Use lightweight themes or frameworks
• Optimize images: smush.it or compressor.io.
• Use JetPack->Photon image CDN.
• Prevent access to wp-admin — reduces PHP load during brute force attacks.
Real Performance - AWS!
Carel Bekker
President & Owner
carel@clickhost.com
http://www.clickhost.com/
Tel: 404.220.8110
Mobile: 404.216.5201