6. Is WordPress secure?
• No such thing as 100% secure
• Updated regularly to address
security issues
• Do your part
7. Websites are a Responsibility
• Easy, but complicated
• You control how secure your
site is
• Ongoing attention and upkeep
is a minimal requirement
8. 1. Use Strong Passwords
• Use password generators
• Keep track using 1Password or LastPass
• This includes site, database, FTP, etc.
• strongpasswordgenerator.com
9. 2. Update, Update, Update!
• Keep WordPress up to date
• Keep plugins up to date
• Easy to do from the Dashboard
10. 3. Solid Backup Plan
• Backup before updating
• Restore from backup if hacked
• WPB2D, Backup Buddy, VaultPress
11. 4. Don’t use “admin”
• Gives hackers a leg up
• Use a different username
• Delete if it exists
12. 5. Delete unused files
• Delete unused themes
• Delete unused plugins
• Can be a security risk, even if
deactivated
13. 6. Limit permissions
• Give users minimal required access
• set file permissions at 644 and
folders at 755
• http://codex.wordpress.org/
Changing_File_Permissions