SlideShare ist ein Scribd-Unternehmen logo

Introduction to WordPress Security

Nile Flores
Nile Flores

This document provides an introduction to WordPress security. It outlines why security is important to protect websites and investments. It then gives basic security tips, such as keeping WordPress, themes, and plugins updated, using strong passwords, installing security plugins, and backing up websites. The document also discusses common ways websites can be compromised and provides additional resources for learning about WordPress security.

Technologie
1 von 35
Downloaden Sie, um offline zu lesen
Introduction to WordPress Security By Nile Flores @blondishnet
Objective ❏ Answer why security is important ❏ Basic WordPress security tips ❏ Some related general security tips that work hand-in-hand with WordPress security ❏ WordPress security plugin suggestions ❏ Resources to learn more about security
Examples of what we don’t want to see happen to our websites
Why is WordPress security important? Your website may be your livelihood. It’s like getting insurance or putting an alarm on your home or car. Implementing security techniques or “hardening” your site protects your investment.
Why you? It’s not about you. It’s not even about how much traffic you get. The hacks are usually with bots and done randomly.
Ways In ❏ Your Internet Service Provider/ includes Wifi ❏ Your Email ❏ Your Web Hosting Account ❏ Web Scripts/ Software (Yes, this includes WordPress) A lot of these are due to bad passwords or lack of updating.
❏ Make money ❏ Curiosity Why do people hack?
❏ Brute Force through your login ❏ Theme files ❏ Plugin files ❏ WordPress core files ❏ FTP/ Cpanel/ Plesk ❏ Bot attack/ DDoS So, how does WordPress get compromised?
WordPress core is secure, but technology is always advancing, so you’re never going to be 100% secure. Security is an ongoing process.
HOWEVER… Remember that “insurance” part I mentioned?!
Matt Mullenweg, CEO & Co-founder of WordPress “Upgrading is taking your vitamins.” https://wordpress.org/news/2009/09/keep-wordpress-secure/
ALWAYS keep your WordPress core, themes, and plugins up-to-date!1 WordPress Security Advice
ALWAYS backup your website. Save the backup in more than one place. UpdraftPlus - https://wordpress.org/plugins/updraftplus/ 2 WordPress Security Advice
Site Health Check
Your Username Your username should never be “admin”. If it’s currently that username, you can use the Username Changer plugin to correct the issue. https://wordpress.org/plugins/username-changer/
Your Password ❏ You should never use “password” for your password ❏ Use sites like LastPass.com to save passwords ❏ Use different passwords for different websites
Try using a security plugin that contains two-factor authentication. Some security plugins offer this option. Or try a password manager like LastPass.com or 1Password.com Your Password (continued…)
WordPress Database Prefix Change your database prefix, in the database, and in the wp-config.php file. By default it’s wp_ Brozzme DB Prefix & Tools Addons plugin changes both (only use & then remove when done) - https://wordpress.org/plugins/brozzme-db-prefix-change/ Note: Some web hosts will do this for you if you’re using the Quick Installer option for new WordPress installations.
SSL SSL, Secure Sockets Layer allows your information to pass through your internet browser and onto the web server using encryption. In other words: You are delivering a safer website experience by protecting people from having their data stolen. ❏ Why You Should Have SSL on Your WordPress Website - https://bit.ly/38BSPX5 ❏ Free SSL at Lets Encrypt available - https://letsencrypt.org/
CDN CDN, or Content Network Delivery service helps with delivering a faster site to wherever in the world your website visitor is coming from. Also, CDNs often provide a layer of protection in blocking bad bots from possibly overloading your site with hits (also known as DDOS attack.) Cloudflare.com offers a free version that can provide that extra layer.
Firewall Firewall blocked bad bots from overloading your site. It’s the door or wall that controls incoming and outgoing traffic, especially deciding what is trusted or not trusted. Many security plugins offer a simple firewall in their free version, but a more in-depth one in their premium/ pro/ paid version.
Security Advice for Multiple Users ❏ Set their roles ❏ Don’t allow them full access to your web hosting account ❏ Remove users who are temporary tenants ❏ Don’t send their password from the WordPress admin panel
❏ Keep your theme up-to-date ❏ Consider child theming - https://bit.ly/2SWMFtK ❏ Choose your theme carefully ❏ Remove themes that you’re not using What to Look for When Choosing a WordPress Theme - https://blondish.net/choosing-wordpress-theme/ Themes
Plugins ❏ Keep your plugin up-to-date ❏ Carefully choose your plugins before installing them ❏ Remove plugins that you’re not using What to Look for When Choosing a WordPress Plugin - https://blondish.net/choosing-wordpress-plugin/
WordPress Security Plugins ❏ Shield Security - https://bit.ly/39Hjce7 ❏ Wordfence - http://bit.ly/1ikXHyS ❏ Brute Protect (included in Jetpack) - http://bruteprotect.com/
❏ Hardening (Securing) WordPress - https://bit.ly/2vHd8Ue ❏ How to Secure Your WordPress Blog - http://bit.ly/1dzTESE ❏ Steps to Remove WordPress Infection - https://bit.ly/2SSE3Er More WordPress Security Resources
If you don’t know code and were hacked, don’t worry! There’s always someone out there that offers Hack cleanups, and also Security audit services.😉 Not code savvy?
Nile Flores - http://blondish.net Twitter: @blondishnet Slides on SlideShare: https://slideshare.net/blondishnet Thank you!

Empfohlen

Introduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedIntroduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedNile Flores
 
Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress SecurityNile Flores
 
Introduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedIntroduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedNile Flores
 
Teaching Your Clients How to Use WordPress
Teaching Your Clients How to Use WordPressTeaching Your Clients How to Use WordPress
Teaching Your Clients How to Use WordPressNile Flores
 
Getting Started with Wordpress
Getting Started with WordpressGetting Started with Wordpress
Getting Started with WordpressTom Semmes
 
Creating a WordPress Website that Works from the Start
Creating a WordPress Website that Works from the StartCreating a WordPress Website that Works from the Start
Creating a WordPress Website that Works from the StartNile Flores
 
Wordpress introduction
Wordpress introductionWordpress introduction
Wordpress introductionMukund Kumar Bharti
 
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin ThomasCtrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin ThomasResellerClub
 

Empfohlen

Introduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedIntroduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedNile Flores
 
Introduction to WordPress Security
Introduction to WordPress SecurityIntroduction to WordPress Security
Introduction to WordPress SecurityNile Flores
 
Introduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedIntroduction to Optimizing WordPress for Website Speed
Introduction to Optimizing WordPress for Website SpeedNile Flores
 
Teaching Your Clients How to Use WordPress
Teaching Your Clients How to Use WordPressTeaching Your Clients How to Use WordPress
Teaching Your Clients How to Use WordPressNile Flores
 
Getting Started with Wordpress
Getting Started with WordpressGetting Started with Wordpress
Getting Started with WordpressTom Semmes
 
Creating a WordPress Website that Works from the Start
Creating a WordPress Website that Works from the StartCreating a WordPress Website that Works from the Start
Creating a WordPress Website that Works from the StartNile Flores
 
Wordpress introduction
Wordpress introductionWordpress introduction
Wordpress introductionMukund Kumar Bharti
 
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin ThomasCtrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin ThomasResellerClub
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPressEunus Hosen
 
Squeeze Maximum Performance From Your Joomla Website
Squeeze Maximum Performance From Your Joomla WebsiteSqueeze Maximum Performance From Your Joomla Website
Squeeze Maximum Performance From Your Joomla WebsiteSiteGround.com
 
Speed up Your Joomla Site for Ultimate Performance
Speed up Your Joomla Site for Ultimate PerformanceSpeed up Your Joomla Site for Ultimate Performance
Speed up Your Joomla Site for Ultimate PerformanceJoomlaDay Australia
 
WordPress website optimization
WordPress website optimizationWordPress website optimization
WordPress website optimizationDaniel Kanchev
 
Gaining (and Not Betraying) User Trust in WordPress eCommerce
Gaining (and Not Betraying) User Trust in WordPress eCommerceGaining (and Not Betraying) User Trust in WordPress eCommerce
Gaining (and Not Betraying) User Trust in WordPress eCommerceAndrew Wikel
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPressCraig Bailey
 
Basic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website StartedBasic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website StartedNile Flores
 
How to Clear WordPress Cache?
How to Clear WordPress Cache?How to Clear WordPress Cache?
How to Clear WordPress Cache?HTS Hosting
 
Installing WordPress The Right Way
Installing WordPress The Right WayInstalling WordPress The Right Way
Installing WordPress The Right WayChris Burgess
 
I Can Haz More Performanz?
I Can Haz More Performanz?I Can Haz More Performanz?
I Can Haz More Performanz?Andy Melichar
 
WordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupWordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupChris Burgess
 
Basic Wordpress Session
Basic Wordpress SessionBasic Wordpress Session
Basic Wordpress SessionVipul Garg
 
Minimize website page loading time – 20+ advanced SEO tips
Minimize website page loading time – 20+ advanced SEO tipsMinimize website page loading time – 20+ advanced SEO tips
Minimize website page loading time – 20+ advanced SEO tipsCgColors
 
Introduction to Wordpress
Introduction to WordpressIntroduction to Wordpress
Introduction to WordpressReuben Rock
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and SecurityThink Media Inc.
 
Basic WordPress Workshop Presentation
Basic WordPress Workshop PresentationBasic WordPress Workshop Presentation
Basic WordPress Workshop PresentationFelix Albutra
 
Staying Connected: Securing Your WordPress Website
Staying Connected: Securing Your WordPress WebsiteStaying Connected: Securing Your WordPress Website
Staying Connected: Securing Your WordPress WebsiteRaymund Mitchell
 
How To Make Your Wordpress Website Load Faster - 20 Tips
How To Make Your Wordpress Website Load Faster - 20 TipsHow To Make Your Wordpress Website Load Faster - 20 Tips
How To Make Your Wordpress Website Load Faster - 20 TipsWorkurious
 
Introduction to Wordpress (Research Based)
Introduction to Wordpress (Research Based)Introduction to Wordpress (Research Based)
Introduction to Wordpress (Research Based)Anjum Hashir
 
Wordpress horsepower
Wordpress horsepowerWordpress horsepower
Wordpress horsepowerRoss Johnson
 
WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User SecurityDre Armeda
 
WordPress security
WordPress securityWordPress security
WordPress securityShelley Magnezi
 

Weitere ähnliche Inhalte

Was ist angesagt?

Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPressEunus Hosen
 
Squeeze Maximum Performance From Your Joomla Website
Squeeze Maximum Performance From Your Joomla WebsiteSqueeze Maximum Performance From Your Joomla Website
Squeeze Maximum Performance From Your Joomla WebsiteSiteGround.com
 
Speed up Your Joomla Site for Ultimate Performance
Speed up Your Joomla Site for Ultimate PerformanceSpeed up Your Joomla Site for Ultimate Performance
Speed up Your Joomla Site for Ultimate PerformanceJoomlaDay Australia
 
WordPress website optimization
WordPress website optimizationWordPress website optimization
WordPress website optimizationDaniel Kanchev
 
Gaining (and Not Betraying) User Trust in WordPress eCommerce
Gaining (and Not Betraying) User Trust in WordPress eCommerceGaining (and Not Betraying) User Trust in WordPress eCommerce
Gaining (and Not Betraying) User Trust in WordPress eCommerceAndrew Wikel
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPressCraig Bailey
 
Basic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website StartedBasic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website StartedNile Flores
 
How to Clear WordPress Cache?
How to Clear WordPress Cache?How to Clear WordPress Cache?
How to Clear WordPress Cache?HTS Hosting
 
Installing WordPress The Right Way
Installing WordPress The Right WayInstalling WordPress The Right Way
Installing WordPress The Right WayChris Burgess
 
I Can Haz More Performanz?
I Can Haz More Performanz?I Can Haz More Performanz?
I Can Haz More Performanz?Andy Melichar
 
WordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupWordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupChris Burgess
 
Basic Wordpress Session
Basic Wordpress SessionBasic Wordpress Session
Basic Wordpress SessionVipul Garg
 
Minimize website page loading time – 20+ advanced SEO tips
Minimize website page loading time – 20+ advanced SEO tipsMinimize website page loading time – 20+ advanced SEO tips
Minimize website page loading time – 20+ advanced SEO tipsCgColors
 
Introduction to Wordpress
Introduction to WordpressIntroduction to Wordpress
Introduction to WordpressReuben Rock
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and SecurityThink Media Inc.
 
Basic WordPress Workshop Presentation
Basic WordPress Workshop PresentationBasic WordPress Workshop Presentation
Basic WordPress Workshop PresentationFelix Albutra
 
Staying Connected: Securing Your WordPress Website
Staying Connected: Securing Your WordPress WebsiteStaying Connected: Securing Your WordPress Website
Staying Connected: Securing Your WordPress WebsiteRaymund Mitchell
 
How To Make Your Wordpress Website Load Faster - 20 Tips
How To Make Your Wordpress Website Load Faster - 20 TipsHow To Make Your Wordpress Website Load Faster - 20 Tips
How To Make Your Wordpress Website Load Faster - 20 TipsWorkurious
 
Introduction to Wordpress (Research Based)
Introduction to Wordpress (Research Based)Introduction to Wordpress (Research Based)
Introduction to Wordpress (Research Based)Anjum Hashir
 
Wordpress horsepower
Wordpress horsepowerWordpress horsepower
Wordpress horsepowerRoss Johnson
 

Was ist angesagt? (20)

Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPress
 
Squeeze Maximum Performance From Your Joomla Website
Squeeze Maximum Performance From Your Joomla WebsiteSqueeze Maximum Performance From Your Joomla Website
Squeeze Maximum Performance From Your Joomla Website
 
Speed up Your Joomla Site for Ultimate Performance
Speed up Your Joomla Site for Ultimate PerformanceSpeed up Your Joomla Site for Ultimate Performance
Speed up Your Joomla Site for Ultimate Performance
 
WordPress website optimization
WordPress website optimizationWordPress website optimization
WordPress website optimization
 
Gaining (and Not Betraying) User Trust in WordPress eCommerce
Gaining (and Not Betraying) User Trust in WordPress eCommerceGaining (and Not Betraying) User Trust in WordPress eCommerce
Gaining (and Not Betraying) User Trust in WordPress eCommerce
 
Introduction to WordPress
Introduction to WordPressIntroduction to WordPress
Introduction to WordPress
 
Basic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website StartedBasic Plugin Recommendations to get your WordPress Website Started
Basic Plugin Recommendations to get your WordPress Website Started
 
How to Clear WordPress Cache?
How to Clear WordPress Cache?How to Clear WordPress Cache?
How to Clear WordPress Cache?
 
Installing WordPress The Right Way
Installing WordPress The Right WayInstalling WordPress The Right Way
Installing WordPress The Right Way
 
I Can Haz More Performanz?
I Can Haz More Performanz?I Can Haz More Performanz?
I Can Haz More Performanz?
 
WordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User MeetupWordPress Security Basics - Melbourne WordPress User Meetup
WordPress Security Basics - Melbourne WordPress User Meetup
 
Basic Wordpress Session
Basic Wordpress SessionBasic Wordpress Session
Basic Wordpress Session
 
Minimize website page loading time – 20+ advanced SEO tips
Minimize website page loading time – 20+ advanced SEO tipsMinimize website page loading time – 20+ advanced SEO tips
Minimize website page loading time – 20+ advanced SEO tips
 
Introduction to Wordpress
Introduction to WordpressIntroduction to Wordpress
Introduction to Wordpress
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and Security
 
Basic WordPress Workshop Presentation
Basic WordPress Workshop PresentationBasic WordPress Workshop Presentation
Basic WordPress Workshop Presentation
 
Staying Connected: Securing Your WordPress Website
Staying Connected: Securing Your WordPress WebsiteStaying Connected: Securing Your WordPress Website
Staying Connected: Securing Your WordPress Website
 
How To Make Your Wordpress Website Load Faster - 20 Tips
How To Make Your Wordpress Website Load Faster - 20 TipsHow To Make Your Wordpress Website Load Faster - 20 Tips
How To Make Your Wordpress Website Load Faster - 20 Tips
 
Introduction to Wordpress (Research Based)
Introduction to Wordpress (Research Based)Introduction to Wordpress (Research Based)
Introduction to Wordpress (Research Based)
 
Wordpress horsepower
Wordpress horsepowerWordpress horsepower
Wordpress horsepower
 

Ähnlich wie Introduction to WordPress Security

WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User SecurityDre Armeda
 
WordPress Resources Nov 2014
WordPress Resources Nov 2014WordPress Resources Nov 2014
WordPress Resources Nov 2014Judy Wilson
 
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITERUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITEAcodez IT Solutions
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutSiteGround.com
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDStuartJDavidson.com
 
How To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressHow To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressChelsea O'Brien
 
Word press security 101 2018
Word press security 101 2018 Word press security 101 2018
Word press security 101 2018 Laura Hartwig
 
Security, more important than ever!
Security, more important than ever!Security, more important than ever!
Security, more important than ever!Marko Heijnen
 
WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)Michael Carnell
 
Up and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web DesignUp and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web DesignJudy Wilson
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home OwnershipDenise (Dee) Teal
 
Wordpress security issues
Wordpress security issuesWordpress security issues
Wordpress security issuesDeepu Thomas
 
WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013Thor Kristiansen
 
Securing Your WordPress Website - WordCamp GC 2011
Securing Your WordPress Website - WordCamp GC 2011Securing Your WordPress Website - WordCamp GC 2011
Securing Your WordPress Website - WordCamp GC 2011Vlad Lasky
 
Securing Your WordPress Website by Vlad Lasky
Securing Your WordPress Website by Vlad LaskySecuring Your WordPress Website by Vlad Lasky
Securing Your WordPress Website by Vlad Laskywordcampgc
 
WordPress Hardening: Strategies to Secure & Protect Your Website
WordPress Hardening: Strategies to Secure & Protect Your WebsiteWordPress Hardening: Strategies to Secure & Protect Your Website
WordPress Hardening: Strategies to Secure & Protect Your WebsiteReliqusConsulting
 
How to Resolve Recurring WordPress Problems?
How to Resolve Recurring WordPress Problems?How to Resolve Recurring WordPress Problems?
How to Resolve Recurring WordPress Problems?Rasin Bekkevold
 
The Ultimate Guide to Wordpress Security
The Ultimate Guide to Wordpress SecurityThe Ultimate Guide to Wordpress Security
The Ultimate Guide to Wordpress SecurityAidanChard
 

Ähnlich wie Introduction to WordPress Security (20)

WordPress End-User Security
WordPress End-User SecurityWordPress End-User Security
WordPress End-User Security
 
WordPress security
WordPress securityWordPress security
WordPress security
 
WordPress Resources Nov 2014
WordPress Resources Nov 2014WordPress Resources Nov 2014
WordPress Resources Nov 2014
 
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITERUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
 
Protect Your WordPress From The Inside Out
Protect Your WordPress From The Inside OutProtect Your WordPress From The Inside Out
Protect Your WordPress From The Inside Out
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKEDWORDPRESS SECURITY: HOW TO AVOID BEING HACKED
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
 
How To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your WordpressHow To Lock Down And Secure Your Wordpress
How To Lock Down And Secure Your Wordpress
 
Word press security 101 2018
Word press security 101 2018 Word press security 101 2018
Word press security 101 2018
 
Security, more important than ever!
Security, more important than ever!Security, more important than ever!
Security, more important than ever!
 
WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)
 
Up and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web DesignUp and Running with WordPress - Site Shack Nashville Web Design
Up and Running with WordPress - Site Shack Nashville Web Design
 
Responsible [digital] Home Ownership
Responsible [digital] Home OwnershipResponsible [digital] Home Ownership
Responsible [digital] Home Ownership
 
Wordpress security issues
Wordpress security issuesWordpress security issues
Wordpress security issues
 
WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013WordPress Security - WordPress Meetup Copenhagen 2013
WordPress Security - WordPress Meetup Copenhagen 2013
 
Securing Your WordPress Website - WordCamp GC 2011
Securing Your WordPress Website - WordCamp GC 2011Securing Your WordPress Website - WordCamp GC 2011
Securing Your WordPress Website - WordCamp GC 2011
 
Securing Your WordPress Website by Vlad Lasky
Securing Your WordPress Website by Vlad LaskySecuring Your WordPress Website by Vlad Lasky
Securing Your WordPress Website by Vlad Lasky
 
WordPress Hardening: Strategies to Secure & Protect Your Website
WordPress Hardening: Strategies to Secure & Protect Your WebsiteWordPress Hardening: Strategies to Secure & Protect Your Website
WordPress Hardening: Strategies to Secure & Protect Your Website
 
Locking down word press
Locking down word pressLocking down word press
Locking down word press
 
How to Resolve Recurring WordPress Problems?
How to Resolve Recurring WordPress Problems?How to Resolve Recurring WordPress Problems?
How to Resolve Recurring WordPress Problems?
 
The Ultimate Guide to Wordpress Security
The Ultimate Guide to Wordpress SecurityThe Ultimate Guide to Wordpress Security
The Ultimate Guide to Wordpress Security
 

Mehr von Nile Flores

Practical SEO for WordPress Bloggers
Practical SEO for WordPress BloggersPractical SEO for WordPress Bloggers
Practical SEO for WordPress BloggersNile Flores
 
Make Money with WordPress for Bloggers
Make Money with WordPress for BloggersMake Money with WordPress for Bloggers
Make Money with WordPress for BloggersNile Flores
 
Social Media 101 for WordPress
Social Media 101 for WordPressSocial Media 101 for WordPress
Social Media 101 for WordPressNile Flores
 
Google Quality Guidelines 101 for WordPress Bloggers
Google Quality Guidelines 101 for WordPress BloggersGoogle Quality Guidelines 101 for WordPress Bloggers
Google Quality Guidelines 101 for WordPress BloggersNile Flores
 
How to Make the Most out of Yoast SEO
How to Make the Most out of Yoast SEOHow to Make the Most out of Yoast SEO
How to Make the Most out of Yoast SEONile Flores
 
Troubleshooting WordPress
Troubleshooting WordPressTroubleshooting WordPress
Troubleshooting WordPressNile Flores
 
How You Can Contribute to WordPress
How You Can Contribute to WordPressHow You Can Contribute to WordPress
How You Can Contribute to WordPressNile Flores
 
Making Money Using WordPress
Making Money Using WordPressMaking Money Using WordPress
Making Money Using WordPressNile Flores
 
Podcasting for WordPress
Podcasting for WordPressPodcasting for WordPress
Podcasting for WordPressNile Flores
 
WordPress SEO: Getting Back to the Basics
WordPress SEO: Getting Back to the BasicsWordPress SEO: Getting Back to the Basics
WordPress SEO: Getting Back to the BasicsNile Flores
 
How Blogging Can Benefit Your Business
How Blogging Can Benefit Your BusinessHow Blogging Can Benefit Your Business
How Blogging Can Benefit Your BusinessNile Flores
 
WordPress Custom Post Types
WordPress Custom Post TypesWordPress Custom Post Types
WordPress Custom Post TypesNile Flores
 
PSD to WordPress
PSD to WordPressPSD to WordPress
PSD to WordPressNile Flores
 
Typography for WordPress
Typography for WordPressTypography for WordPress
Typography for WordPressNile Flores
 
WordPress for business
WordPress for businessWordPress for business
WordPress for businessNile Flores
 
Avoiding Bloggers Block
Avoiding Bloggers BlockAvoiding Bloggers Block
Avoiding Bloggers BlockNile Flores
 
Introduction to Wordpress Theme Development
Introduction to Wordpress Theme Development Introduction to Wordpress Theme Development
Introduction to Wordpress Theme Development Nile Flores
 
Rocking Out Your Site With WordPress
Rocking Out Your Site With WordPressRocking Out Your Site With WordPress
Rocking Out Your Site With WordPressNile Flores
 
Setting Up your WordPress Site like a Pro
Setting Up your WordPress Site like a ProSetting Up your WordPress Site like a Pro
Setting Up your WordPress Site like a ProNile Flores
 
WordPress Tools and Tips for any Niche
WordPress Tools and Tips for any NicheWordPress Tools and Tips for any Niche
WordPress Tools and Tips for any NicheNile Flores
 

Mehr von Nile Flores (20)

Practical SEO for WordPress Bloggers
Practical SEO for WordPress BloggersPractical SEO for WordPress Bloggers
Practical SEO for WordPress Bloggers
 
Make Money with WordPress for Bloggers
Make Money with WordPress for BloggersMake Money with WordPress for Bloggers
Make Money with WordPress for Bloggers
 
Social Media 101 for WordPress
Social Media 101 for WordPressSocial Media 101 for WordPress
Social Media 101 for WordPress
 
Google Quality Guidelines 101 for WordPress Bloggers
Google Quality Guidelines 101 for WordPress BloggersGoogle Quality Guidelines 101 for WordPress Bloggers
Google Quality Guidelines 101 for WordPress Bloggers
 
How to Make the Most out of Yoast SEO
How to Make the Most out of Yoast SEOHow to Make the Most out of Yoast SEO
How to Make the Most out of Yoast SEO
 
Troubleshooting WordPress
Troubleshooting WordPressTroubleshooting WordPress
Troubleshooting WordPress
 
How You Can Contribute to WordPress
How You Can Contribute to WordPressHow You Can Contribute to WordPress
How You Can Contribute to WordPress
 
Making Money Using WordPress
Making Money Using WordPressMaking Money Using WordPress
Making Money Using WordPress
 
Podcasting for WordPress
Podcasting for WordPressPodcasting for WordPress
Podcasting for WordPress
 
WordPress SEO: Getting Back to the Basics
WordPress SEO: Getting Back to the BasicsWordPress SEO: Getting Back to the Basics
WordPress SEO: Getting Back to the Basics
 
How Blogging Can Benefit Your Business
How Blogging Can Benefit Your BusinessHow Blogging Can Benefit Your Business
How Blogging Can Benefit Your Business
 
WordPress Custom Post Types
WordPress Custom Post TypesWordPress Custom Post Types
WordPress Custom Post Types
 
PSD to WordPress
PSD to WordPressPSD to WordPress
PSD to WordPress
 
Typography for WordPress
Typography for WordPressTypography for WordPress
Typography for WordPress
 
WordPress for business
WordPress for businessWordPress for business
WordPress for business
 
Avoiding Bloggers Block
Avoiding Bloggers BlockAvoiding Bloggers Block
Avoiding Bloggers Block
 
Introduction to Wordpress Theme Development
Introduction to Wordpress Theme Development Introduction to Wordpress Theme Development
Introduction to Wordpress Theme Development
 
Rocking Out Your Site With WordPress
Rocking Out Your Site With WordPressRocking Out Your Site With WordPress
Rocking Out Your Site With WordPress
 
Setting Up your WordPress Site like a Pro
Setting Up your WordPress Site like a ProSetting Up your WordPress Site like a Pro
Setting Up your WordPress Site like a Pro
 
WordPress Tools and Tips for any Niche
WordPress Tools and Tips for any NicheWordPress Tools and Tips for any Niche
WordPress Tools and Tips for any Niche
 

Kürzlich hochgeladen

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 

Kürzlich hochgeladen (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 

Introduction to WordPress Security

  • 1. Introduction to WordPress Security By Nile Flores @blondishnet
  • 2. Objective ❏ Answer why security is important ❏ Basic WordPress security tips ❏ Some related general security tips that work hand-in-hand with WordPress security ❏ WordPress security plugin suggestions ❏ Resources to learn more about security
  • 3. Examples of what we don’t want to see happen to our websites
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9. Why is WordPress security important? Your website may be your livelihood. It’s like getting insurance or putting an alarm on your home or car. Implementing security techniques or “hardening” your site protects your investment.
  • 10. Why you? It’s not about you. It’s not even about how much traffic you get. The hacks are usually with bots and done randomly.
  • 11. Ways In ❏ Your Internet Service Provider/ includes Wifi ❏ Your Email ❏ Your Web Hosting Account ❏ Web Scripts/ Software (Yes, this includes WordPress) A lot of these are due to bad passwords or lack of updating.
  • 12. ❏ Make money ❏ Curiosity Why do people hack?
  • 13. ❏ Brute Force through your login ❏ Theme files ❏ Plugin files ❏ WordPress core files ❏ FTP/ Cpanel/ Plesk ❏ Bot attack/ DDoS So, how does WordPress get compromised?
  • 14. WordPress core is secure, but technology is always advancing, so you’re never going to be 100% secure. Security is an ongoing process.
  • 15.
  • 17. Matt Mullenweg, CEO & Co-founder of WordPress “Upgrading is taking your vitamins.” https://wordpress.org/news/2009/09/keep-wordpress-secure/
  • 18. ALWAYS keep your WordPress core, themes, and plugins up-to-date!1 WordPress Security Advice
  • 19. ALWAYS backup your website. Save the backup in more than one place. UpdraftPlus - https://wordpress.org/plugins/updraftplus/ 2 WordPress Security Advice
  • 20.
  • 22. Your Username Your username should never be “admin”. If it’s currently that username, you can use the Username Changer plugin to correct the issue. https://wordpress.org/plugins/username-changer/
  • 23. Your Password ❏ You should never use “password” for your password ❏ Use sites like LastPass.com to save passwords ❏ Use different passwords for different websites
  • 24. Try using a security plugin that contains two-factor authentication. Some security plugins offer this option. Or try a password manager like LastPass.com or 1Password.com Your Password (continued…)
  • 25. WordPress Database Prefix Change your database prefix, in the database, and in the wp-config.php file. By default it’s wp_ Brozzme DB Prefix & Tools Addons plugin changes both (only use & then remove when done) - https://wordpress.org/plugins/brozzme-db-prefix-change/ Note: Some web hosts will do this for you if you’re using the Quick Installer option for new WordPress installations.
  • 26. SSL SSL, Secure Sockets Layer allows your information to pass through your internet browser and onto the web server using encryption. In other words: You are delivering a safer website experience by protecting people from having their data stolen. ❏ Why You Should Have SSL on Your WordPress Website - https://bit.ly/38BSPX5 ❏ Free SSL at Lets Encrypt available - https://letsencrypt.org/
  • 27. CDN CDN, or Content Network Delivery service helps with delivering a faster site to wherever in the world your website visitor is coming from. Also, CDNs often provide a layer of protection in blocking bad bots from possibly overloading your site with hits (also known as DDOS attack.) Cloudflare.com offers a free version that can provide that extra layer.
  • 28. Firewall Firewall blocked bad bots from overloading your site. It’s the door or wall that controls incoming and outgoing traffic, especially deciding what is trusted or not trusted. Many security plugins offer a simple firewall in their free version, but a more in-depth one in their premium/ pro/ paid version.
  • 29. Security Advice for Multiple Users ❏ Set their roles ❏ Don’t allow them full access to your web hosting account ❏ Remove users who are temporary tenants ❏ Don’t send their password from the WordPress admin panel
  • 30. ❏ Keep your theme up-to-date ❏ Consider child theming - https://bit.ly/2SWMFtK ❏ Choose your theme carefully ❏ Remove themes that you’re not using What to Look for When Choosing a WordPress Theme - https://blondish.net/choosing-wordpress-theme/ Themes
  • 31. Plugins ❏ Keep your plugin up-to-date ❏ Carefully choose your plugins before installing them ❏ Remove plugins that you’re not using What to Look for When Choosing a WordPress Plugin - https://blondish.net/choosing-wordpress-plugin/
  • 32. WordPress Security Plugins ❏ Shield Security - https://bit.ly/39Hjce7 ❏ Wordfence - http://bit.ly/1ikXHyS ❏ Brute Protect (included in Jetpack) - http://bruteprotect.com/
  • 33. ❏ Hardening (Securing) WordPress - https://bit.ly/2vHd8Ue ❏ How to Secure Your WordPress Blog - http://bit.ly/1dzTESE ❏ Steps to Remove WordPress Infection - https://bit.ly/2SSE3Er More WordPress Security Resources
  • 34. If you don’t know code and were hacked, don’t worry! There’s always someone out there that offers Hack cleanups, and also Security audit services.😉 Not code savvy?
  • 35. Nile Flores - http://blondish.net Twitter: @blondishnet Slides on SlideShare: https://slideshare.net/blondishnet Thank you!