Enviar búsqueda
Cargar
WordCamp St. Louis 2011 WordPress Security Presentation
•
0 recomendaciones
•
382 vistas
A
acrofford
Seguir
The slides from the presentation I gave at WordCamp Fayetteville on Guest Blogging.
Leer menos
Leer más
Tecnología
Empresariales
Denunciar
Compartir
Denunciar
Compartir
1 de 36
Descargar ahora
Descargar para leer sin conexión
Recomendados
E resources
E resources
Sujit Chandak
Ldv tour
Ldv tour
latterdayvillage
Ing. industrial tec. de culiacan
Ing. industrial tec. de culiacan
TecnologicoCuliacan
Ibitgs syllabus 2011-2012
Ibitgs syllabus 2011-2012
Yvonne Mafunga
Itgs scheme 2011-2012
Itgs scheme 2011-2012
Yvonne Mafunga
Rop clasificación pedro mattar
Rop clasificación pedro mattar
Edwin Martinez
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
Sujit Chandak
Staff study talk/ on search engine & internet in 2008
Staff study talk/ on search engine & internet in 2008
Sujit Chandak
Recomendados
E resources
E resources
Sujit Chandak
Ldv tour
Ldv tour
latterdayvillage
Ing. industrial tec. de culiacan
Ing. industrial tec. de culiacan
TecnologicoCuliacan
Ibitgs syllabus 2011-2012
Ibitgs syllabus 2011-2012
Yvonne Mafunga
Itgs scheme 2011-2012
Itgs scheme 2011-2012
Yvonne Mafunga
Rop clasificación pedro mattar
Rop clasificación pedro mattar
Edwin Martinez
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
Sujit Chandak
Staff study talk/ on search engine & internet in 2008
Staff study talk/ on search engine & internet in 2008
Sujit Chandak
OOD Principles and Patterns
OOD Principles and Patterns
Nguyen Tung
perhitungan bekisting
perhitungan bekisting
rudi rudi aprilia
Raj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WS
Gaurav Singh
Architecture Patterns - Open Discussion
Architecture Patterns - Open Discussion
Nguyen Tung
SaaS Introduction-May2014
SaaS Introduction-May2014
Nguyen Tung
Microservice Architecture
Microservice Architecture
Nguyen Tung
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
SynarionITSolutions
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
Radu Cotescu
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
The Digital Insurer
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Neo4j
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
The Digital Insurer
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
jfdjdjcjdnsjd
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Martijn de Jong
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Edi Saputra
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
Más contenido relacionado
Destacado
OOD Principles and Patterns
OOD Principles and Patterns
Nguyen Tung
perhitungan bekisting
perhitungan bekisting
rudi rudi aprilia
Raj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WS
Gaurav Singh
Architecture Patterns - Open Discussion
Architecture Patterns - Open Discussion
Nguyen Tung
SaaS Introduction-May2014
SaaS Introduction-May2014
Nguyen Tung
Microservice Architecture
Microservice Architecture
Nguyen Tung
Destacado
(6)
OOD Principles and Patterns
OOD Principles and Patterns
perhitungan bekisting
perhitungan bekisting
Raj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WS
Architecture Patterns - Open Discussion
Architecture Patterns - Open Discussion
SaaS Introduction-May2014
SaaS Introduction-May2014
Microservice Architecture
Microservice Architecture
Último
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
SynarionITSolutions
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
Radu Cotescu
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
The Digital Insurer
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Neo4j
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
The Digital Insurer
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
jfdjdjcjdnsjd
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Martijn de Jong
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Edi Saputra
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Anna Loughnan Colquhoun
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Juan lago vázquez
Último
(20)
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
WordCamp St. Louis 2011 WordPress Security Presentation
1.
WORDPRESS SECURITY
Tips and Tricks to Secure Your Site
2.
A LITTLE ABOUT ANDY
CROFFORD CONTACT INFO Email: acrofford@gmail.com Twitter: @andycrofford WEBSITES AppTa.co - http://appta.co TechKing - http://testking.com/techking Mobile Orchard - http://mobileorchard.com ThemeFuse - http://theme fuse.com
3.
HTTP://J.MP/WORDCAMPSTL Slides available
for download
4.
#WCSTLSEC #hashtag
5.
WHY IS WORDPRESS SECURITY
IMPORTANT?
6.
YOU VALUE YOUR
SITE AND ITS CONTENTS
7.
WHY IS WORDPRESS
INSECURE?
8.
IT IS OPEN
SOURCE AND ANYONE HAS ACCESS TO THE CODE
9.
PLUGINS CAN LEAVE
THE DOOR OPEN
10.
SO WHAT CAN
YOU DO?
11.
1. KEEP WORDPRESS
UP TO DATE
12.
2. UPDATE PLUGINS
REGULARLY
13.
3. DO NOT
USE ADMIN AS YOUR USERNAME
14.
4. USE A
SECURE PASSWORD
15.
CHECK YOUR PASSWORD
STRENGTH AT: HTTP://WWW.PASSWORDMETER.COM
16.
5. KEEP YOUR
THEME UPDATED
17.
6. RESTRICT ACCESS
TO THE ADMIN LOGIN PAGE BY IP ADDRESS
18.
.HTACCESS AuthUserFile /dev/null AuthGroupFile /dev/null AuthName
"Access Control" AuthType Basic order deny,allow deny from all #IP address to whitelist allow from xxx.xxx.xxx.xxx Replace xxx.xxx.xxx.xxx with your IP address.
19.
.HTACCESS AuthUserFile /dev/null AuthGroupFile /dev/null AuthName
"Access Control" AuthType Basic order deny,allow deny from all #IP address to whitelist allow from xxx.xxx.xxx.* Replace xxx.xxx.xxx.* with your IP address.
20.
7. MOVE YOUR
WP- CONFIG.PHP FILE
21.
8. CHANGE THE
WORDPRESS TABLE PREFIX
22.
UPDATE $TABLE_PREFIX
23.
9. USE SECRET
KEYS
24.
SECRET KEY GENERATOR https://api.wordpress.org/secret-key/1.1/salt
25.
SECURE KEYS
26.
10. HIDE LOGIN
ERROR MESSAGES
27.
HIDE LOGIN ERRORS add_filter('login_errors',
create_function('$a', "return null;"));
28.
11. BACKUP, BACKUP,
BACKUP
29.
UTILIZE SECURITY
PLUGINS
30.
1. LOGIN LOCK
DOWN http://j.mp/wp-lockdown
31.
2. STEALTH LOGIN
http://j.mp/wp-stealth
32.
3. ADMIN SSL http://j.mp/wp-adminssl
33.
4. BACKWPUP http://j.mp/backwpup
34.
PAID BACKUP SERVICES •
VaultPress - http://www.vaultpress.com • Backup Buddy - http://j.mp/wp-backup buddy
35.
QUESTIONS?
36.
GET 6 MONTHS
FREE SHARED HOSTING FROM SITE5 (WWW.SITE5.COM) WORDCAMP
Descargar ahora