Enviar búsqueda
Cargar
WordCamp St. Louis 2011 WordPress Security Presentation
•
0 recomendaciones
•
382 vistas
A
acrofford
Seguir
The slides from the presentation I gave at WordCamp Fayetteville on Guest Blogging.
Leer menos
Leer más
Tecnología
Empresariales
Vista de diapositivas
Denunciar
Compartir
Vista de diapositivas
Denunciar
Compartir
1 de 36
Descargar ahora
Descargar para leer sin conexión
Recomendados
E resources
E resources
Sujit Chandak
Ldv tour
Ldv tour
latterdayvillage
Ing. industrial tec. de culiacan
Ing. industrial tec. de culiacan
TecnologicoCuliacan
Ibitgs syllabus 2011-2012
Ibitgs syllabus 2011-2012
Yvonne Mafunga
Itgs scheme 2011-2012
Itgs scheme 2011-2012
Yvonne Mafunga
Rop clasificación pedro mattar
Rop clasificación pedro mattar
Edwin Martinez
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
Sujit Chandak
Staff study talk/ on search engine & internet in 2008
Staff study talk/ on search engine & internet in 2008
Sujit Chandak
Recomendados
E resources
E resources
Sujit Chandak
Ldv tour
Ldv tour
latterdayvillage
Ing. industrial tec. de culiacan
Ing. industrial tec. de culiacan
TecnologicoCuliacan
Ibitgs syllabus 2011-2012
Ibitgs syllabus 2011-2012
Yvonne Mafunga
Itgs scheme 2011-2012
Itgs scheme 2011-2012
Yvonne Mafunga
Rop clasificación pedro mattar
Rop clasificación pedro mattar
Edwin Martinez
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
Sujit Chandak
Staff study talk/ on search engine & internet in 2008
Staff study talk/ on search engine & internet in 2008
Sujit Chandak
OOD Principles and Patterns
OOD Principles and Patterns
Nguyen Tung
perhitungan bekisting
perhitungan bekisting
rudi rudi aprilia
Raj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WS
Gaurav Singh
Architecture Patterns - Open Discussion
Architecture Patterns - Open Discussion
Nguyen Tung
SaaS Introduction-May2014
SaaS Introduction-May2014
Nguyen Tung
Microservice Architecture
Microservice Architecture
Nguyen Tung
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
lior mazor
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
MIND CTI
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Andrey Devyatkin
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
Zilliz
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
apidays
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Khushali Kathiriya
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Zilliz
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
apidays
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
The Digital Insurer
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
sudhanshuwaghmare1
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Edi Saputra
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
The Digital Insurer
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Más contenido relacionado
Destacado
OOD Principles and Patterns
OOD Principles and Patterns
Nguyen Tung
perhitungan bekisting
perhitungan bekisting
rudi rudi aprilia
Raj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WS
Gaurav Singh
Architecture Patterns - Open Discussion
Architecture Patterns - Open Discussion
Nguyen Tung
SaaS Introduction-May2014
SaaS Introduction-May2014
Nguyen Tung
Microservice Architecture
Microservice Architecture
Nguyen Tung
Destacado
(6)
OOD Principles and Patterns
OOD Principles and Patterns
perhitungan bekisting
perhitungan bekisting
Raj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WS
Architecture Patterns - Open Discussion
Architecture Patterns - Open Discussion
SaaS Introduction-May2014
SaaS Introduction-May2014
Microservice Architecture
Microservice Architecture
Último
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
lior mazor
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
MIND CTI
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Andrey Devyatkin
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
Zilliz
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
apidays
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Khushali Kathiriya
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Zilliz
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
apidays
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
The Digital Insurer
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
sudhanshuwaghmare1
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Edi Saputra
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
The Digital Insurer
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
MadyBayot
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Deepika Singh
Último
(20)
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
WordCamp St. Louis 2011 WordPress Security Presentation
1.
WORDPRESS SECURITY
Tips and Tricks to Secure Your Site
2.
A LITTLE ABOUT ANDY
CROFFORD CONTACT INFO Email: acrofford@gmail.com Twitter: @andycrofford WEBSITES AppTa.co - http://appta.co TechKing - http://testking.com/techking Mobile Orchard - http://mobileorchard.com ThemeFuse - http://theme fuse.com
3.
HTTP://J.MP/WORDCAMPSTL Slides available
for download
4.
#WCSTLSEC #hashtag
5.
WHY IS WORDPRESS SECURITY
IMPORTANT?
6.
YOU VALUE YOUR
SITE AND ITS CONTENTS
7.
WHY IS WORDPRESS
INSECURE?
8.
IT IS OPEN
SOURCE AND ANYONE HAS ACCESS TO THE CODE
9.
PLUGINS CAN LEAVE
THE DOOR OPEN
10.
SO WHAT CAN
YOU DO?
11.
1. KEEP WORDPRESS
UP TO DATE
12.
2. UPDATE PLUGINS
REGULARLY
13.
3. DO NOT
USE ADMIN AS YOUR USERNAME
14.
4. USE A
SECURE PASSWORD
15.
CHECK YOUR PASSWORD
STRENGTH AT: HTTP://WWW.PASSWORDMETER.COM
16.
5. KEEP YOUR
THEME UPDATED
17.
6. RESTRICT ACCESS
TO THE ADMIN LOGIN PAGE BY IP ADDRESS
18.
.HTACCESS AuthUserFile /dev/null AuthGroupFile /dev/null AuthName
"Access Control" AuthType Basic order deny,allow deny from all #IP address to whitelist allow from xxx.xxx.xxx.xxx Replace xxx.xxx.xxx.xxx with your IP address.
19.
.HTACCESS AuthUserFile /dev/null AuthGroupFile /dev/null AuthName
"Access Control" AuthType Basic order deny,allow deny from all #IP address to whitelist allow from xxx.xxx.xxx.* Replace xxx.xxx.xxx.* with your IP address.
20.
7. MOVE YOUR
WP- CONFIG.PHP FILE
21.
8. CHANGE THE
WORDPRESS TABLE PREFIX
22.
UPDATE $TABLE_PREFIX
23.
9. USE SECRET
KEYS
24.
SECRET KEY GENERATOR https://api.wordpress.org/secret-key/1.1/salt
25.
SECURE KEYS
26.
10. HIDE LOGIN
ERROR MESSAGES
27.
HIDE LOGIN ERRORS add_filter('login_errors',
create_function('$a', "return null;"));
28.
11. BACKUP, BACKUP,
BACKUP
29.
UTILIZE SECURITY
PLUGINS
30.
1. LOGIN LOCK
DOWN http://j.mp/wp-lockdown
31.
2. STEALTH LOGIN
http://j.mp/wp-stealth
32.
3. ADMIN SSL http://j.mp/wp-adminssl
33.
4. BACKWPUP http://j.mp/backwpup
34.
PAID BACKUP SERVICES •
VaultPress - http://www.vaultpress.com • Backup Buddy - http://j.mp/wp-backup buddy
35.
QUESTIONS?
36.
GET 6 MONTHS
FREE SHARED HOSTING FROM SITE5 (WWW.SITE5.COM) WORDCAMP
Descargar ahora