SlideShare a Scribd company logo

Steps to Keep Your Site Clean

Download as PPTX, PDF
Sucuri
Sucuri

During this presentation, we'll discuss the ins and outs of website security. Using good security practices as a website owner helps keep the entire web environment as clean and safe as possible. Expect to learn about: - What website security is and how to approach the subject when making your own plan. - The various access points and attack surfaces of a website. - Simple ways to increase security for all website owners. - Intermediate ways to further secure websites. - General online security practices and preparedness.

Internet
1 of 14
Steps to a Clean Safe Site Jen Fisher, Product Support Analyst S U C U R I W E B I N A R
Jen Fisher Product Support Analyst Tweet #AskSucuri to @SucuriSecurity W E B I N A R S P E A K E R
Tweet #AskSucuri to @SucuriSecurity In this webinar you will learn: • What website security is and how to approach the subject when making your own plan • The various access points that most websites have • Simple ways to approach website security security • Intermediate ways to approach security • A few ways to increase your general security online
Why is website security important? Accounted for 90% of all websites cleaned by Sucuri in 2018. Authorities detected only 11% of infected sites in 2018, a 6% drop from 2017. Increased by 14% to 51.3%, from 37% in Q3 2016. Increased to 56.4%, from 47% in 2017. WordPress Blacklist SEO Spam General Malware Ecommerce Outdated software continues to be the greatest vulnerability to these targets.
What is website security? • Applied: to content via restrictions • Environmental: linked to security of hardware and work environments • Tangential: related to all accounts and individuals who may interact with content • Flexible: a compromise between existing risks and the level of time and interaction that you want to have • Active: Security is also a practice!
Tweet #AskSucuri to @SucuriSecurity Can’t I just buy a service? Tweet #AskSucuri to @SucuriSecurity
Tweet #AskSucuri to @SucuriSecurity Direct Points of Access What do we need to secure? Clients with hacked sites frequently ask "how did the intruder get in?“ Most sites can be accessed: • Via the hosting account • Via the control panel • Via an FTP, SFTP, or SSH connection • Via your CMS management panel, such as WP Admin • Via the database • Via the internet, publicly
Tweet #AskSucuri to @SucuriSecurity Direct Points of Access How they do they get in? Tangentially, we also need to consider the ways that these elements can be accessed: • Email, for password recovery purposes • Your computer or device and the security there • The browser used on your computer or device • The way your data is being sent (HTTPS) • The security of the server on which your content is stored
Tweet #AskSucuri to @SucuriSecurity Update, Update, Update Preventing the #1 cause of hacks As we mentioned earlier, outdated site elements are the number one cause of website infections. Updating your CMS isn’t the only thing you can do to avoid risks, however! Updates can be applied to: • Content Management Systems • Plugins • Themes • Extensions • Server-side platforms and security
Tweet #AskSucuri to @SucuriSecurity Protecting Your Website Applying updates is helpful, but a fully updated site may still be at risk. Consider: • Avoiding pirated plugins & themes • Removing content that isn't in use • Limiting, monitoring, and auditing access regularly • Using 2FA wherever possible • Using strong random passwords (password managers) • Using only one security plugin • Using non-standard usernames • Applying an SSL
Tweet #AskSucuri to @SucuriSecurity Have a “Plan B” Website security plan If your site is compromised, how can you most effectively react to mitigate the issue? Consider in advance of a compromise: • Points of access • Individuals with access • How you will update all passwords • How updated access can be sent securely • Will a backup save the day? • Assistance resources available to you
Tweet #AskSucuri to @SucuriSecurity Intermediate options • Disallow PHP execution via .htaccess • Disallow file editing in wp-config.php via .htaccess (Sucuri plugin is a good free option) • IP-based limitations to WP-Admin pages • Limited access to wp_includes, images, and uploads folders • Restrict upload capabilities • Avoid renaming file extensions (ie: wp_config.php.bak), voiding restrictions
Tweet #AskSucuri to @SucuriSecurity Fun security for fun internet users! • Use a script blocker • Antivirus programs with active protection • 2-factor authentication • Password managers • Be aware of social engineering & phishing risks • Discuss security requirements • Send sensitive info securely If you’re ever unsure, ask! Most online service providers will have documentation related to security, and the best of those will help formulate a security plan.
Submit your questions to us at any time by tweeting us @SucuriSecurity using the hashtag #AskSucuri

Recommended

Sucuri Webinar: What is SEO Spam and How to Fight It
Sucuri Webinar: What is SEO Spam and How to Fight ItSucuri Webinar: What is SEO Spam and How to Fight It
Sucuri Webinar: What is SEO Spam and How to Fight ItSucuri
 
Sucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri
 
Sucuri Webinar: WAF (Firewall) and CDN Feature Benefit Guide
Sucuri Webinar: WAF (Firewall) and CDN Feature Benefit GuideSucuri Webinar: WAF (Firewall) and CDN Feature Benefit Guide
Sucuri Webinar: WAF (Firewall) and CDN Feature Benefit GuideSucuri
 
Sucuri Webinar: How Websites Get Hacked
Sucuri Webinar: How Websites Get HackedSucuri Webinar: How Websites Get Hacked
Sucuri Webinar: How Websites Get HackedSucuri
 
What Are the Most Common Types of Hacks?
What Are the Most Common Types of Hacks?What Are the Most Common Types of Hacks?
What Are the Most Common Types of Hacks?Sucuri
 
Sucuri Webinar: How Caching Options Can Impact Your Website Speed
Sucuri Webinar: How Caching Options Can Impact Your Website SpeedSucuri Webinar: How Caching Options Can Impact Your Website Speed
Sucuri Webinar: How Caching Options Can Impact Your Website SpeedSucuri
 
Webinar: Personal Online Privacy - Sucuri Security
Webinar: Personal Online Privacy - Sucuri SecurityWebinar: Personal Online Privacy - Sucuri Security
Webinar: Personal Online Privacy - Sucuri SecuritySucuri
 
Why Do Hackers Hack?
Why Do Hackers Hack?Why Do Hackers Hack?
Why Do Hackers Hack?Sucuri
 

Recommended

Sucuri Webinar: What is SEO Spam and How to Fight It
Sucuri Webinar: What is SEO Spam and How to Fight ItSucuri Webinar: What is SEO Spam and How to Fight It
Sucuri Webinar: What is SEO Spam and How to Fight ItSucuri
 
Sucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri Webinar: Website Security Primer for Digital Marketers
Sucuri Webinar: Website Security Primer for Digital MarketersSucuri
 
Sucuri Webinar: WAF (Firewall) and CDN Feature Benefit Guide
Sucuri Webinar: WAF (Firewall) and CDN Feature Benefit GuideSucuri Webinar: WAF (Firewall) and CDN Feature Benefit Guide
Sucuri Webinar: WAF (Firewall) and CDN Feature Benefit GuideSucuri
 
Sucuri Webinar: How Websites Get Hacked
Sucuri Webinar: How Websites Get HackedSucuri Webinar: How Websites Get Hacked
Sucuri Webinar: How Websites Get HackedSucuri
 
What Are the Most Common Types of Hacks?
What Are the Most Common Types of Hacks?What Are the Most Common Types of Hacks?
What Are the Most Common Types of Hacks?Sucuri
 
Sucuri Webinar: How Caching Options Can Impact Your Website Speed
Sucuri Webinar: How Caching Options Can Impact Your Website SpeedSucuri Webinar: How Caching Options Can Impact Your Website Speed
Sucuri Webinar: How Caching Options Can Impact Your Website SpeedSucuri
 
Webinar: Personal Online Privacy - Sucuri Security
Webinar: Personal Online Privacy - Sucuri SecurityWebinar: Personal Online Privacy - Sucuri Security
Webinar: Personal Online Privacy - Sucuri SecuritySucuri
 
Why Do Hackers Hack?
Why Do Hackers Hack?Why Do Hackers Hack?
Why Do Hackers Hack?Sucuri
 
Sucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sitesSucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sitesSucuri
 
Sucuri Webinar: Preventing Cross-Site Contamination for Beginners
Sucuri Webinar: Preventing Cross-Site Contamination for BeginnersSucuri Webinar: Preventing Cross-Site Contamination for Beginners
Sucuri Webinar: Preventing Cross-Site Contamination for BeginnersSucuri
 
Sucuri Webinar: Is SSL enough to secure your website?
Sucuri Webinar: Is SSL enough to secure your website?Sucuri Webinar: Is SSL enough to secure your website?
Sucuri Webinar: Is SSL enough to secure your website?Sucuri
 
Sucuri Webinar: How to Clean a Hacked Magento Website
Sucuri Webinar: How to Clean a Hacked Magento WebsiteSucuri Webinar: How to Clean a Hacked Magento Website
Sucuri Webinar: How to Clean a Hacked Magento WebsiteSucuri
 
Sucuri Webinar: How To Know For Sure You Can Trust A Plugin
Sucuri Webinar: How To Know For Sure You Can Trust A PluginSucuri Webinar: How To Know For Sure You Can Trust A Plugin
Sucuri Webinar: How To Know For Sure You Can Trust A PluginSucuri
 
Sucuri Webinar: Simple Steps To Secure Your Online Store
Sucuri Webinar: Simple Steps To Secure Your Online StoreSucuri Webinar: Simple Steps To Secure Your Online Store
Sucuri Webinar: Simple Steps To Secure Your Online StoreSucuri
 
Sucuri Webinar: Hacked Website Trend Report Q1/2016
Sucuri Webinar: Hacked Website Trend Report Q1/2016Sucuri Webinar: Hacked Website Trend Report Q1/2016
Sucuri Webinar: Hacked Website Trend Report Q1/2016Sucuri
 
Logs: Understanding Them to Better Manage Your WordPress Site
Logs: Understanding Them to Better Manage Your WordPress SiteLogs: Understanding Them to Better Manage Your WordPress Site
Logs: Understanding Them to Better Manage Your WordPress SiteSucuri
 
Sucuri Webinar: Website Security for Web Agencies
Sucuri Webinar: Website Security for Web AgenciesSucuri Webinar: Website Security for Web Agencies
Sucuri Webinar: Website Security for Web AgenciesSucuri
 
Sucuri Webinar: Defending Your Google Brand Reputation and Analytics Reports
Sucuri Webinar: Defending Your Google Brand Reputation and Analytics ReportsSucuri Webinar: Defending Your Google Brand Reputation and Analytics Reports
Sucuri Webinar: Defending Your Google Brand Reputation and Analytics ReportsSucuri
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Sucuri
 
Sucuri Webinar: Impacts of a website compromise
Sucuri Webinar: Impacts of a website compromiseSucuri Webinar: Impacts of a website compromise
Sucuri Webinar: Impacts of a website compromiseSucuri
 
Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends
Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends
Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends Sucuri
 
2018 Hacked Website Trends
2018 Hacked Website Trends2018 Hacked Website Trends
2018 Hacked Website TrendsSucuri
 
Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri
 
Sucuri Webinar: Leveraging Sucuri's API
Sucuri Webinar: Leveraging Sucuri's APISucuri Webinar: Leveraging Sucuri's API
Sucuri Webinar: Leveraging Sucuri's APISucuri
 
Webinar: CWAF for Mid Market/Enterprise Organizations
Webinar: CWAF for Mid Market/Enterprise OrganizationsWebinar: CWAF for Mid Market/Enterprise Organizations
Webinar: CWAF for Mid Market/Enterprise OrganizationsSucuri
 
WordPress Security - Learning From Hacks
WordPress Security - Learning From HacksWordPress Security - Learning From Hacks
WordPress Security - Learning From HacksTony Perez
 
Hacked - What do you do now?
Hacked - What do you do now?Hacked - What do you do now?
Hacked - What do you do now?Tony Perez
 
WordPress Security Begins With Good Posture
WordPress Security Begins With Good PostureWordPress Security Begins With Good Posture
WordPress Security Begins With Good PostureTony Perez
 
Pubcon Vegas Session - WordPress Site Security Audits
Pubcon Vegas Session - WordPress Site Security AuditsPubcon Vegas Session - WordPress Site Security Audits
Pubcon Vegas Session - WordPress Site Security AuditsKristine Schachinger SEO and Online Marketing
 
Securing your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP MeetupSecuring your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP MeetupOyster Bay Marauders LLC
 

More Related Content

What's hot

Sucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sitesSucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sitesSucuri
 
Sucuri Webinar: Preventing Cross-Site Contamination for Beginners
Sucuri Webinar: Preventing Cross-Site Contamination for BeginnersSucuri Webinar: Preventing Cross-Site Contamination for Beginners
Sucuri Webinar: Preventing Cross-Site Contamination for BeginnersSucuri
 
Sucuri Webinar: Is SSL enough to secure your website?
Sucuri Webinar: Is SSL enough to secure your website?Sucuri Webinar: Is SSL enough to secure your website?
Sucuri Webinar: Is SSL enough to secure your website?Sucuri
 
Sucuri Webinar: How to Clean a Hacked Magento Website
Sucuri Webinar: How to Clean a Hacked Magento WebsiteSucuri Webinar: How to Clean a Hacked Magento Website
Sucuri Webinar: How to Clean a Hacked Magento WebsiteSucuri
 
Sucuri Webinar: How To Know For Sure You Can Trust A Plugin
Sucuri Webinar: How To Know For Sure You Can Trust A PluginSucuri Webinar: How To Know For Sure You Can Trust A Plugin
Sucuri Webinar: How To Know For Sure You Can Trust A PluginSucuri
 
Sucuri Webinar: Simple Steps To Secure Your Online Store
Sucuri Webinar: Simple Steps To Secure Your Online StoreSucuri Webinar: Simple Steps To Secure Your Online Store
Sucuri Webinar: Simple Steps To Secure Your Online StoreSucuri
 
Sucuri Webinar: Hacked Website Trend Report Q1/2016
Sucuri Webinar: Hacked Website Trend Report Q1/2016Sucuri Webinar: Hacked Website Trend Report Q1/2016
Sucuri Webinar: Hacked Website Trend Report Q1/2016Sucuri
 
Logs: Understanding Them to Better Manage Your WordPress Site
Logs: Understanding Them to Better Manage Your WordPress SiteLogs: Understanding Them to Better Manage Your WordPress Site
Logs: Understanding Them to Better Manage Your WordPress SiteSucuri
 
Sucuri Webinar: Website Security for Web Agencies
Sucuri Webinar: Website Security for Web AgenciesSucuri Webinar: Website Security for Web Agencies
Sucuri Webinar: Website Security for Web AgenciesSucuri
 
Sucuri Webinar: Defending Your Google Brand Reputation and Analytics Reports
Sucuri Webinar: Defending Your Google Brand Reputation and Analytics ReportsSucuri Webinar: Defending Your Google Brand Reputation and Analytics Reports
Sucuri Webinar: Defending Your Google Brand Reputation and Analytics ReportsSucuri
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Sucuri
 
Sucuri Webinar: Impacts of a website compromise
Sucuri Webinar: Impacts of a website compromiseSucuri Webinar: Impacts of a website compromise
Sucuri Webinar: Impacts of a website compromiseSucuri
 
Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends
Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends
Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends Sucuri
 
2018 Hacked Website Trends
2018 Hacked Website Trends2018 Hacked Website Trends
2018 Hacked Website TrendsSucuri
 
Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri
 
Sucuri Webinar: Leveraging Sucuri's API
Sucuri Webinar: Leveraging Sucuri's APISucuri Webinar: Leveraging Sucuri's API
Sucuri Webinar: Leveraging Sucuri's APISucuri
 
Webinar: CWAF for Mid Market/Enterprise Organizations
Webinar: CWAF for Mid Market/Enterprise OrganizationsWebinar: CWAF for Mid Market/Enterprise Organizations
Webinar: CWAF for Mid Market/Enterprise OrganizationsSucuri
 
WordPress Security - Learning From Hacks
WordPress Security - Learning From HacksWordPress Security - Learning From Hacks
WordPress Security - Learning From HacksTony Perez
 
Hacked - What do you do now?
Hacked - What do you do now?Hacked - What do you do now?
Hacked - What do you do now?Tony Perez
 
WordPress Security Begins With Good Posture
WordPress Security Begins With Good PostureWordPress Security Begins With Good Posture
WordPress Security Begins With Good PostureTony Perez
 

What's hot (20)

Sucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sitesSucuri Webinar: How to clean hacked WordPress sites
Sucuri Webinar: How to clean hacked WordPress sites
 
Sucuri Webinar: Preventing Cross-Site Contamination for Beginners
Sucuri Webinar: Preventing Cross-Site Contamination for BeginnersSucuri Webinar: Preventing Cross-Site Contamination for Beginners
Sucuri Webinar: Preventing Cross-Site Contamination for Beginners
 
Sucuri Webinar: Is SSL enough to secure your website?
Sucuri Webinar: Is SSL enough to secure your website?Sucuri Webinar: Is SSL enough to secure your website?
Sucuri Webinar: Is SSL enough to secure your website?
 
Sucuri Webinar: How to Clean a Hacked Magento Website
Sucuri Webinar: How to Clean a Hacked Magento WebsiteSucuri Webinar: How to Clean a Hacked Magento Website
Sucuri Webinar: How to Clean a Hacked Magento Website
 
Sucuri Webinar: How To Know For Sure You Can Trust A Plugin
Sucuri Webinar: How To Know For Sure You Can Trust A PluginSucuri Webinar: How To Know For Sure You Can Trust A Plugin
Sucuri Webinar: How To Know For Sure You Can Trust A Plugin
 
Sucuri Webinar: Simple Steps To Secure Your Online Store
Sucuri Webinar: Simple Steps To Secure Your Online StoreSucuri Webinar: Simple Steps To Secure Your Online Store
Sucuri Webinar: Simple Steps To Secure Your Online Store
 
Sucuri Webinar: Hacked Website Trend Report Q1/2016
Sucuri Webinar: Hacked Website Trend Report Q1/2016Sucuri Webinar: Hacked Website Trend Report Q1/2016
Sucuri Webinar: Hacked Website Trend Report Q1/2016
 
Logs: Understanding Them to Better Manage Your WordPress Site
Logs: Understanding Them to Better Manage Your WordPress SiteLogs: Understanding Them to Better Manage Your WordPress Site
Logs: Understanding Them to Better Manage Your WordPress Site
 
Sucuri Webinar: Website Security for Web Agencies
Sucuri Webinar: Website Security for Web AgenciesSucuri Webinar: Website Security for Web Agencies
Sucuri Webinar: Website Security for Web Agencies
 
Sucuri Webinar: Defending Your Google Brand Reputation and Analytics Reports
Sucuri Webinar: Defending Your Google Brand Reputation and Analytics ReportsSucuri Webinar: Defending Your Google Brand Reputation and Analytics Reports
Sucuri Webinar: Defending Your Google Brand Reputation and Analytics Reports
 
Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?Kludges and PHP. Why Should You Use a WAF?
Kludges and PHP. Why Should You Use a WAF?
 
Sucuri Webinar: Impacts of a website compromise
Sucuri Webinar: Impacts of a website compromiseSucuri Webinar: Impacts of a website compromise
Sucuri Webinar: Impacts of a website compromise
 
Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends
Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends
Sucuri Webinar: Tis the Season for Credit Card Scraping and Malware Trends
 
2018 Hacked Website Trends
2018 Hacked Website Trends2018 Hacked Website Trends
2018 Hacked Website Trends
 
Sucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best PerformanceSucuri Webinar: How to Optimize Your Website for Best Performance
Sucuri Webinar: How to Optimize Your Website for Best Performance
 
Sucuri Webinar: Leveraging Sucuri's API
Sucuri Webinar: Leveraging Sucuri's APISucuri Webinar: Leveraging Sucuri's API
Sucuri Webinar: Leveraging Sucuri's API
 
Webinar: CWAF for Mid Market/Enterprise Organizations
Webinar: CWAF for Mid Market/Enterprise OrganizationsWebinar: CWAF for Mid Market/Enterprise Organizations
Webinar: CWAF for Mid Market/Enterprise Organizations
 
WordPress Security - Learning From Hacks
WordPress Security - Learning From HacksWordPress Security - Learning From Hacks
WordPress Security - Learning From Hacks
 
Hacked - What do you do now?
Hacked - What do you do now?Hacked - What do you do now?
Hacked - What do you do now?
 
WordPress Security Begins With Good Posture
WordPress Security Begins With Good PostureWordPress Security Begins With Good Posture
WordPress Security Begins With Good Posture
 

Similar to Steps to Keep Your Site Clean

Securing your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP MeetupSecuring your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP MeetupOyster Bay Marauders LLC
 
Joomla Security Simplified —  Seven Easy Steps For a More Secure Website
Joomla Security Simplified —  Seven Easy Steps For a More Secure WebsiteJoomla Security Simplified —  Seven Easy Steps For a More Secure Website
Joomla Security Simplified —  Seven Easy Steps For a More Secure WebsiteImperva Incapsula
 
Building Secure WordPress Sites
Building Secure WordPress Sites Building Secure WordPress Sites
Building Secure WordPress Sites Catch Themes
 
Passwords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to goPasswords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to goMichael Furman
 
So Your Company Hired A Pentester
So Your Company Hired A PentesterSo Your Company Hired A Pentester
So Your Company Hired A PentesterNorthBayWeb
 
Lesson 6 web based attacks
Lesson 6 web based attacksLesson 6 web based attacks
Lesson 6 web based attacksFrank Victory
 
Security Testing
Security TestingSecurity Testing
Security TestingISsoft
 
Professional WordPress Security: Beyond Security Plugins
Professional WordPress Security: Beyond Security PluginsProfessional WordPress Security: Beyond Security Plugins
Professional WordPress Security: Beyond Security PluginsChris Burgess
 
Owasp healthcare cms
Owasp healthcare cmsOwasp healthcare cms
Owasp healthcare cmsuisgslide
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing Priyanka Aash
 
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...IBM Security
 
WPSecurity best practices of securing a word press website
WPSecurity best practices of securing a word press websiteWPSecurity best practices of securing a word press website
WPSecurity best practices of securing a word press websiteDeola Kayode
 
How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014Primary Image Ltd
 
Reducing the Impact of Cyber Attacks
Reducing the Impact of Cyber AttacksReducing the Impact of Cyber Attacks
Reducing the Impact of Cyber AttacksJames Cash
 
Web Security Overview
Web Security OverviewWeb Security Overview
Web Security OverviewNoah Jaehnert
 
Be Securious – Hack Your Own Site for Better Security
Be Securious – Hack Your Own Site for Better SecurityBe Securious – Hack Your Own Site for Better Security
Be Securious – Hack Your Own Site for Better Securitysecuriously
 
Website essentials things every library website should have
Website essentials things every library website should haveWebsite essentials things every library website should have
Website essentials things every library website should haveBrian Pichman
 
The state of web applications (in)security @ ITDays 2016
The state of web applications (in)security @ ITDays 2016The state of web applications (in)security @ ITDays 2016
The state of web applications (in)security @ ITDays 2016Tudor Damian
 
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017TriNimbus
 

Similar to Steps to Keep Your Site Clean (20)

Pubcon Vegas Session - WordPress Site Security Audits
Pubcon Vegas Session - WordPress Site Security AuditsPubcon Vegas Session - WordPress Site Security Audits
Pubcon Vegas Session - WordPress Site Security Audits
 
Securing your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP MeetupSecuring your WordPress website - New Port Richey WP Meetup
Securing your WordPress website - New Port Richey WP Meetup
 
Joomla Security Simplified —  Seven Easy Steps For a More Secure Website
Joomla Security Simplified —  Seven Easy Steps For a More Secure WebsiteJoomla Security Simplified —  Seven Easy Steps For a More Secure Website
Joomla Security Simplified —  Seven Easy Steps For a More Secure Website
 
Building Secure WordPress Sites
Building Secure WordPress Sites Building Secure WordPress Sites
Building Secure WordPress Sites
 
Passwords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to goPasswords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to go
 
So Your Company Hired A Pentester
So Your Company Hired A PentesterSo Your Company Hired A Pentester
So Your Company Hired A Pentester
 
Lesson 6 web based attacks
Lesson 6 web based attacksLesson 6 web based attacks
Lesson 6 web based attacks
 
Security Testing
Security TestingSecurity Testing
Security Testing
 
Professional WordPress Security: Beyond Security Plugins
Professional WordPress Security: Beyond Security PluginsProfessional WordPress Security: Beyond Security Plugins
Professional WordPress Security: Beyond Security Plugins
 
Owasp healthcare cms
Owasp healthcare cmsOwasp healthcare cms
Owasp healthcare cms
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing
 
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
 
WPSecurity best practices of securing a word press website
WPSecurity best practices of securing a word press websiteWPSecurity best practices of securing a word press website
WPSecurity best practices of securing a word press website
 
How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014How to Secure your WordPress Website - WordCamp UK 2014
How to Secure your WordPress Website - WordCamp UK 2014
 
Reducing the Impact of Cyber Attacks
Reducing the Impact of Cyber AttacksReducing the Impact of Cyber Attacks
Reducing the Impact of Cyber Attacks
 
Web Security Overview
Web Security OverviewWeb Security Overview
Web Security Overview
 
Be Securious – Hack Your Own Site for Better Security
Be Securious – Hack Your Own Site for Better SecurityBe Securious – Hack Your Own Site for Better Security
Be Securious – Hack Your Own Site for Better Security
 
Website essentials things every library website should have
Website essentials things every library website should haveWebsite essentials things every library website should have
Website essentials things every library website should have
 
The state of web applications (in)security @ ITDays 2016
The state of web applications (in)security @ ITDays 2016The state of web applications (in)security @ ITDays 2016
The state of web applications (in)security @ ITDays 2016
 
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017
 

More from Sucuri

Sucuri Webinar: Sucuri Introduces the Sales Enablement Department
Sucuri Webinar: Sucuri Introduces the Sales Enablement DepartmentSucuri Webinar: Sucuri Introduces the Sales Enablement Department
Sucuri Webinar: Sucuri Introduces the Sales Enablement DepartmentSucuri
 
Sucuri Webinar: Getting Started with Sucuri
Sucuri Webinar: Getting Started with SucuriSucuri Webinar: Getting Started with Sucuri
Sucuri Webinar: Getting Started with SucuriSucuri
 
Webinar: eCommerce Compliance - PCI meets GDPR
Webinar: eCommerce Compliance - PCI meets GDPRWebinar: eCommerce Compliance - PCI meets GDPR
Webinar: eCommerce Compliance - PCI meets GDPRSucuri
 
Webinar: 10 Consejos para Mejorar la Postura de Seguridad de tu Sitio Web
Webinar: 10 Consejos para Mejorar la Postura de Seguridad de tu Sitio WebWebinar: 10 Consejos para Mejorar la Postura de Seguridad de tu Sitio Web
Webinar: 10 Consejos para Mejorar la Postura de Seguridad de tu Sitio WebSucuri
 
Ecommerce Website Security
Ecommerce Website SecurityEcommerce Website Security
Ecommerce Website SecuritySucuri
 
Otimização de Websites para Ganho de Performance & Resiliência
Otimização de Websites para Ganho de Performance & ResiliênciaOtimização de Websites para Ganho de Performance & Resiliência
Otimização de Websites para Ganho de Performance & ResiliênciaSucuri
 
Guia de Segurança para WordPress
Guia de Segurança para WordPressGuia de Segurança para WordPress
Guia de Segurança para WordPressSucuri
 
Gambiarra e PHP. Por que você deveria usar um WAF?
Gambiarra e PHP. Por que você deveria usar um WAF?Gambiarra e PHP. Por que você deveria usar um WAF?
Gambiarra e PHP. Por que você deveria usar um WAF?Sucuri
 
Segurança para Agências: Proteja seus Clientes
Segurança para Agências: Proteja seus ClientesSegurança para Agências: Proteja seus Clientes
Segurança para Agências: Proteja seus ClientesSucuri
 
Seguridad para Agencias de Desarrollo Web: Protege tus Clientes y tu Negocio
Seguridad para Agencias de Desarrollo Web: Protege tus Clientes y tu NegocioSeguridad para Agencias de Desarrollo Web: Protege tus Clientes y tu Negocio
Seguridad para Agencias de Desarrollo Web: Protege tus Clientes y tu NegocioSucuri
 
WHDusa 2017: Bridging the Divide between Human Behavior & Security
WHDusa 2017: Bridging the Divide between Human Behavior & SecurityWHDusa 2017: Bridging the Divide between Human Behavior & Security
WHDusa 2017: Bridging the Divide between Human Behavior & SecuritySucuri
 
Sucuri Webinar: Beginner's Guide to CDNs
Sucuri Webinar: Beginner's Guide to CDNsSucuri Webinar: Beginner's Guide to CDNs
Sucuri Webinar: Beginner's Guide to CDNsSucuri
 

More from Sucuri (12)

Sucuri Webinar: Sucuri Introduces the Sales Enablement Department
Sucuri Webinar: Sucuri Introduces the Sales Enablement DepartmentSucuri Webinar: Sucuri Introduces the Sales Enablement Department
Sucuri Webinar: Sucuri Introduces the Sales Enablement Department
 
Sucuri Webinar: Getting Started with Sucuri
Sucuri Webinar: Getting Started with SucuriSucuri Webinar: Getting Started with Sucuri
Sucuri Webinar: Getting Started with Sucuri
 
Webinar: eCommerce Compliance - PCI meets GDPR
Webinar: eCommerce Compliance - PCI meets GDPRWebinar: eCommerce Compliance - PCI meets GDPR
Webinar: eCommerce Compliance - PCI meets GDPR
 
Webinar: 10 Consejos para Mejorar la Postura de Seguridad de tu Sitio Web
Webinar: 10 Consejos para Mejorar la Postura de Seguridad de tu Sitio WebWebinar: 10 Consejos para Mejorar la Postura de Seguridad de tu Sitio Web
Webinar: 10 Consejos para Mejorar la Postura de Seguridad de tu Sitio Web
 
Ecommerce Website Security
Ecommerce Website SecurityEcommerce Website Security
Ecommerce Website Security
 
Otimização de Websites para Ganho de Performance & Resiliência
Otimização de Websites para Ganho de Performance & ResiliênciaOtimização de Websites para Ganho de Performance & Resiliência
Otimização de Websites para Ganho de Performance & Resiliência
 
Guia de Segurança para WordPress
Guia de Segurança para WordPressGuia de Segurança para WordPress
Guia de Segurança para WordPress
 
Gambiarra e PHP. Por que você deveria usar um WAF?
Gambiarra e PHP. Por que você deveria usar um WAF?Gambiarra e PHP. Por que você deveria usar um WAF?
Gambiarra e PHP. Por que você deveria usar um WAF?
 
Segurança para Agências: Proteja seus Clientes
Segurança para Agências: Proteja seus ClientesSegurança para Agências: Proteja seus Clientes
Segurança para Agências: Proteja seus Clientes
 
Seguridad para Agencias de Desarrollo Web: Protege tus Clientes y tu Negocio
Seguridad para Agencias de Desarrollo Web: Protege tus Clientes y tu NegocioSeguridad para Agencias de Desarrollo Web: Protege tus Clientes y tu Negocio
Seguridad para Agencias de Desarrollo Web: Protege tus Clientes y tu Negocio
 
WHDusa 2017: Bridging the Divide between Human Behavior & Security
WHDusa 2017: Bridging the Divide between Human Behavior & SecurityWHDusa 2017: Bridging the Divide between Human Behavior & Security
WHDusa 2017: Bridging the Divide between Human Behavior & Security
 
Sucuri Webinar: Beginner's Guide to CDNs
Sucuri Webinar: Beginner's Guide to CDNsSucuri Webinar: Beginner's Guide to CDNs
Sucuri Webinar: Beginner's Guide to CDNs
 

Recently uploaded

Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...SUHANI PANDEY
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...singhpriety023
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)Delhi Call girls
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtrahman018755
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...SUHANI PANDEY
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...roncy bisnoi
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirtrahman018755
 
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.soniya singh
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge GraphsEleniIlkou
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...tanu pandey
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.soniya singh
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubaikojalkojal131
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...SUHANI PANDEY
 

Recently uploaded (20)

Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
 
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
 
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
 

Steps to Keep Your Site Clean

  • 1. Steps to a Clean Safe Site Jen Fisher, Product Support Analyst S U C U R I W E B I N A R
  • 2. Jen Fisher Product Support Analyst Tweet #AskSucuri to @SucuriSecurity W E B I N A R S P E A K E R
  • 3. Tweet #AskSucuri to @SucuriSecurity In this webinar you will learn: • What website security is and how to approach the subject when making your own plan • The various access points that most websites have • Simple ways to approach website security security • Intermediate ways to approach security • A few ways to increase your general security online
  • 4. Why is website security important? Accounted for 90% of all websites cleaned by Sucuri in 2018. Authorities detected only 11% of infected sites in 2018, a 6% drop from 2017. Increased by 14% to 51.3%, from 37% in Q3 2016. Increased to 56.4%, from 47% in 2017. WordPress Blacklist SEO Spam General Malware Ecommerce Outdated software continues to be the greatest vulnerability to these targets.
  • 5. What is website security? • Applied: to content via restrictions • Environmental: linked to security of hardware and work environments • Tangential: related to all accounts and individuals who may interact with content • Flexible: a compromise between existing risks and the level of time and interaction that you want to have • Active: Security is also a practice!
  • 6. Tweet #AskSucuri to @SucuriSecurity Can’t I just buy a service? Tweet #AskSucuri to @SucuriSecurity
  • 7. Tweet #AskSucuri to @SucuriSecurity Direct Points of Access What do we need to secure? Clients with hacked sites frequently ask "how did the intruder get in?“ Most sites can be accessed: • Via the hosting account • Via the control panel • Via an FTP, SFTP, or SSH connection • Via your CMS management panel, such as WP Admin • Via the database • Via the internet, publicly
  • 8. Tweet #AskSucuri to @SucuriSecurity Direct Points of Access How they do they get in? Tangentially, we also need to consider the ways that these elements can be accessed: • Email, for password recovery purposes • Your computer or device and the security there • The browser used on your computer or device • The way your data is being sent (HTTPS) • The security of the server on which your content is stored
  • 9. Tweet #AskSucuri to @SucuriSecurity Update, Update, Update Preventing the #1 cause of hacks As we mentioned earlier, outdated site elements are the number one cause of website infections. Updating your CMS isn’t the only thing you can do to avoid risks, however! Updates can be applied to: • Content Management Systems • Plugins • Themes • Extensions • Server-side platforms and security
  • 10. Tweet #AskSucuri to @SucuriSecurity Protecting Your Website Applying updates is helpful, but a fully updated site may still be at risk. Consider: • Avoiding pirated plugins & themes • Removing content that isn't in use • Limiting, monitoring, and auditing access regularly • Using 2FA wherever possible • Using strong random passwords (password managers) • Using only one security plugin • Using non-standard usernames • Applying an SSL
  • 11. Tweet #AskSucuri to @SucuriSecurity Have a “Plan B” Website security plan If your site is compromised, how can you most effectively react to mitigate the issue? Consider in advance of a compromise: • Points of access • Individuals with access • How you will update all passwords • How updated access can be sent securely • Will a backup save the day? • Assistance resources available to you
  • 12. Tweet #AskSucuri to @SucuriSecurity Intermediate options • Disallow PHP execution via .htaccess • Disallow file editing in wp-config.php via .htaccess (Sucuri plugin is a good free option) • IP-based limitations to WP-Admin pages • Limited access to wp_includes, images, and uploads folders • Restrict upload capabilities • Avoid renaming file extensions (ie: wp_config.php.bak), voiding restrictions
  • 13. Tweet #AskSucuri to @SucuriSecurity Fun security for fun internet users! • Use a script blocker • Antivirus programs with active protection • 2-factor authentication • Password managers • Be aware of social engineering & phishing risks • Discuss security requirements • Send sensitive info securely If you’re ever unsure, ask! Most online service providers will have documentation related to security, and the best of those will help formulate a security plan.
  • 14. Submit your questions to us at any time by tweeting us @SucuriSecurity using the hashtag #AskSucuri

Editor's Notes

  1. During this presentation, we'll discuss the ins and outs of website security! Using good security practices whether you're an internet user or a website owner is a great way to do your part to keep the entire web environment as clean and safe as possible. There are quite a few ways to increase your site’s security that are free, and relatively simple for anyone to apply
  2. These are blatantly Tony’s stats. - Roughly 33% of all sites on the internet use Wordpress as a CMS - In 2018, 90% of all sites cleaned by Sucuri were Wordpress sites - Can't rely on blacklisting - in 2018 blakclisting authorities detected only 11% of infected sites Rates of infection are on the rise You may be wondering….
  3. * here, we’ll fix the common malware definition * I’ll show you three common ways where malware hides * I’ll try to deobfuscate this magic word little bit And in the end of this webinar I’ll tell you something about… * * So what is malware >
  4. A lot of people buy a security solution and think they have mitigated *all* risks. When asking the question "is my site secure" please consider the subject to be a gradient rather than a simple "yes" or "no" question! A paid security service may be for you if: - Security isn't something you can find much time for - Site availability & brand reputation is of the utmost importance - You're new to the subject of security, and would like support to account for potentials as you learn Most paid services will not be able to address *all* security potentials, so it's important to also consider some basic security questions even if you have services through Sucuri or another website security service provider. On to the real content!
  5. Now that we've generally outlined what website security is, how do we begin to make things more secure? Outline the ways in which your site be accessed. What do we need to secure? When clients come to us with hacked sites, a frequent question that we see is "how did the intruder get in?" Most sites have multiple points of access, so we typically can't pinpoint a single security flaw. When thinking about security, it can be helpful to begin by listing all of the ways that your site files can be reached! Most sites can be accessed: - Via the hosting account - Via the control panel - Via an FTP, SFTP, or SSH connectiom - Via your CMS management panel, such as WP Admin - Via the database* This gets a little more in-depth, and we'll talk about this and public access security after we cover some basics - Publicly, via the internet
  6. Tangentially, we also need to consider the ways that *these* elements can be accessed: - Email, for password recovery purposes - Your computer or device and the security there - The browser used on your computer or device - The way your data is being sent (HTTPS) - The security of the server on which your content is stored
  7. As we mentioned earlier, outdated site elements are the number one cause of website infections. Updating your CMS isn’t the only thing you can do to avoid risks, however! Updates can be applied to: Content Management Systems Plugins Themes Extensions Server-side platforms and security
  8. Applying updates is helpful, but a fully updated site may still be at risk. Consider: Avoiding pirated plugins & themes Removing content that isn't in use Limiting, monitoring, and auditing access regularly Using 2FA wherever possible Using strong random passwords (password managers) Using only one security plugin Using non-standard usernames Applying an SSL. This won’t impact the security of your site, but it will increase safety for your visitors
  9. If your site is compromised, how can you most effectively react to mitigate the issue? This may vary from site to site, but often your host or developer can help to implement a plan for the worst-case scenario. - Keep backups! Outside of your hosting environment, if possible - Use an access management system (such as a password manager) to easily track access, update passwords easily, and share and revoke access securely
  10. ***beef these out a bit*** -Disallow file editing in WP-Config * - .htaccess limitations* - disable PHP execution in Uploads, WP-Includes (Plugin is a good free option: https://wordpress.org/plugins/sucuri-scanner/) - Avoid renaming wp-config to remove the file extension. (solidify details from Ben) - Put htaccess in wp includes, images, uploads folders. - No upload capabilities unless theyre secured (certain extensions)
  11. Script blockers Antivirus programs with active protection Be aware of and discuss the risks of social engineering or phishing * email addresses * links *phone and email requests -Discuss your security requirements Send information in secure ways If you’re ever unsure, ask! Most online service providers will have documentation related to security, and the best of those will be able to discuss security with you directly to help formulate a plan