SlideShare uma empresa Scribd logo

WordCamp St. Louis 2011 WordPress Security Presentation

A
acrofford

The slides from the presentation I gave at WordCamp Fayetteville on Guest Blogging.

TecnologiaNegócios
1 de 36
Baixar para ler offline
WORDPRESS SECURITY Tips and Tricks to Secure Your Site
A LITTLE ABOUT ANDY CROFFORD CONTACT INFO Email: acrofford@gmail.com Twitter: @andycrofford WEBSITES AppTa.co - http://appta.co TechKing - http://testking.com/techking Mobile Orchard - http://mobileorchard.com ThemeFuse - http://theme fuse.com
HTTP://J.MP/WORDCAMPSTL Slides available for download
#WCSTLSEC #hashtag
WHY IS WORDPRESS SECURITY IMPORTANT?
YOU VALUE YOUR SITE AND ITS CONTENTS
WHY IS WORDPRESS INSECURE?
IT IS OPEN SOURCE AND ANYONE HAS ACCESS TO THE CODE
PLUGINS CAN LEAVE THE DOOR OPEN
SO WHAT CAN YOU DO?
1. KEEP WORDPRESS UP TO DATE
2. UPDATE PLUGINS REGULARLY
3. DO NOT USE ADMIN AS YOUR USERNAME
4. USE A SECURE PASSWORD
CHECK YOUR PASSWORD STRENGTH AT: HTTP://WWW.PASSWORDMETER.COM
5. KEEP YOUR THEME UPDATED
6. RESTRICT ACCESS TO THE ADMIN LOGIN PAGE BY IP ADDRESS
.HTACCESS AuthUserFile /dev/null AuthGroupFile /dev/null AuthName "Access Control" AuthType Basic order deny,allow deny from all #IP address to whitelist allow from xxx.xxx.xxx.xxx Replace xxx.xxx.xxx.xxx with your IP address.
.HTACCESS AuthUserFile /dev/null AuthGroupFile /dev/null AuthName "Access Control" AuthType Basic order deny,allow deny from all #IP address to whitelist allow from xxx.xxx.xxx.* Replace xxx.xxx.xxx.* with your IP address.
7. MOVE YOUR WP- CONFIG.PHP FILE
8. CHANGE THE WORDPRESS TABLE PREFIX
UPDATE $TABLE_PREFIX
9. USE SECRET KEYS
SECRET KEY GENERATOR https://api.wordpress.org/secret-key/1.1/salt
SECURE KEYS
10. HIDE LOGIN ERROR MESSAGES
HIDE LOGIN ERRORS add_filter('login_errors', create_function('$a', "return null;"));
11. BACKUP, BACKUP, BACKUP
UTILIZE SECURITY PLUGINS
1. LOGIN LOCK DOWN http://j.mp/wp-lockdown
2. STEALTH LOGIN http://j.mp/wp-stealth
3. ADMIN SSL http://j.mp/wp-adminssl
4. BACKWPUP http://j.mp/backwpup
PAID BACKUP SERVICES • VaultPress - http://www.vaultpress.com • Backup Buddy - http://j.mp/wp-backup buddy
QUESTIONS?
GET 6 MONTHS FREE SHARED HOSTING FROM SITE5 (WWW.SITE5.COM) WORDCAMP

Recomendados

E resources
E resourcesE resources
E resources
Sujit Chandak
 
Ldv tour
Ldv tourLdv tour
Ldv tour
latterdayvillage
 
Ing. industrial tec. de culiacan
Ing. industrial tec. de culiacanIng. industrial tec. de culiacan
Ing. industrial tec. de culiacan
TecnologicoCuliacan
 
Ibitgs syllabus 2011-2012
Ibitgs syllabus 2011-2012Ibitgs syllabus 2011-2012
Ibitgs syllabus 2011-2012
Yvonne Mafunga
 
Itgs scheme 2011-2012
Itgs scheme 2011-2012Itgs scheme 2011-2012
Itgs scheme 2011-2012
Yvonne Mafunga
 
Rop clasificación pedro mattar
Rop clasificación pedro mattarRop clasificación pedro mattar
Rop clasificación pedro mattar
Edwin Martinez
 
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
Sujit Chandak
 
Staff study talk/ on search engine & internet in 2008
Staff study talk/ on search engine & internet in 2008Staff study talk/ on search engine & internet in 2008
Staff study talk/ on search engine & internet in 2008
Sujit Chandak
 

Recomendados

E resources
E resourcesE resources
E resources
Sujit Chandak
 
Ldv tour
Ldv tourLdv tour
Ldv tour
latterdayvillage
 
Ing. industrial tec. de culiacan
Ing. industrial tec. de culiacanIng. industrial tec. de culiacan
Ing. industrial tec. de culiacan
TecnologicoCuliacan
 
Ibitgs syllabus 2011-2012
Ibitgs syllabus 2011-2012Ibitgs syllabus 2011-2012
Ibitgs syllabus 2011-2012
Yvonne Mafunga
 
Itgs scheme 2011-2012
Itgs scheme 2011-2012Itgs scheme 2011-2012
Itgs scheme 2011-2012
Yvonne Mafunga
 
Rop clasificación pedro mattar
Rop clasificación pedro mattarRop clasificación pedro mattar
Rop clasificación pedro mattar
Edwin Martinez
 
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
National Literature in a Multilingual Nation. Sujit chandak pre ph d presenta...
Sujit Chandak
 
Staff study talk/ on search engine & internet in 2008
Staff study talk/ on search engine & internet in 2008Staff study talk/ on search engine & internet in 2008
Staff study talk/ on search engine & internet in 2008
Sujit Chandak
 
OOD Principles and Patterns
OOD Principles and PatternsOOD Principles and Patterns
OOD Principles and Patterns
Nguyen Tung
 
perhitungan bekisting
perhitungan bekistingperhitungan bekisting
perhitungan bekisting
rudi rudi aprilia
 
Raj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WSRaj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WS
Gaurav Singh
 
Architecture Patterns - Open Discussion
Architecture Patterns - Open DiscussionArchitecture Patterns - Open Discussion
Architecture Patterns - Open Discussion
Nguyen Tung
 
SaaS Introduction-May2014
SaaS Introduction-May2014SaaS Introduction-May2014
SaaS Introduction-May2014
Nguyen Tung
 
Microservice Architecture
Microservice ArchitectureMicroservice Architecture
Microservice Architecture
Nguyen Tung
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
Nanddeep Nachan
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
apidays
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
Remote DBA Services
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
johnbeverley2021
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
danishmna97
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Khushali Kathiriya
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
apidays
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
The Digital Insurer
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Andrey Devyatkin
 

Mais conteúdo relacionado

Destaque

Raj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WSRaj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WS
Gaurav Singh
 

Destaque (6)

OOD Principles and Patterns
OOD Principles and PatternsOOD Principles and Patterns
OOD Principles and Patterns
 
perhitungan bekisting
perhitungan bekistingperhitungan bekisting
perhitungan bekisting
 
Raj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WSRaj Gaurav Singh Resume WS
Raj Gaurav Singh Resume WS
 
Architecture Patterns - Open Discussion
Architecture Patterns - Open DiscussionArchitecture Patterns - Open Discussion
Architecture Patterns - Open Discussion
 
SaaS Introduction-May2014
SaaS Introduction-May2014SaaS Introduction-May2014
SaaS Introduction-May2014
 
Microservice Architecture
Microservice ArchitectureMicroservice Architecture
Microservice Architecture
 

Último

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 

Último (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 

WordCamp St. Louis 2011 WordPress Security Presentation