wordpress security
DESCRIPTION
An introduction to WordPress SecurityTRANSCRIPT
![Page 1: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/1.jpg)
blogVAULT
http://blogvault.net
![Page 2: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/2.jpg)
blogVAULT
Akshat ChoudharyFounder, blogVault
WordPress Security
![Page 3: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/3.jpg)
blogVAULT
Sites get Hacked!
Why?
![Page 4: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/4.jpg)
blogVAULT
Fun and Profit
Why will some one hack a Site?
![Page 5: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/5.jpg)
blogVAULT
Fun: Because they can
![Page 6: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/6.jpg)
blogVAULT
Profit: To make money
SEOAffiliate ScamRedirect to a different sitePolitical defacementUse host for hacks
![Page 7: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/7.jpg)
blogVAULT
Vulnerabilities!
How?
![Page 8: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/8.jpg)
blogVAULT
Wordpress CorePluginsThemes
Where?
![Page 9: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/9.jpg)
blogVAULT
How do I know if I have been hacked?
![Page 10: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/10.jpg)
blogVAULT
Browser warning
![Page 11: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/11.jpg)
blogVAULT
Google Search Warning
![Page 12: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/12.jpg)
blogVAULT
Sucuri SiteCheck - Free Tool
![Page 13: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/13.jpg)
blogVAULT
Inspect Files
htaccessJavascript FilesUnknown PHP filesExisting PHP files
![Page 14: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/14.jpg)
blogVAULT
What to do when my site gets hacked?
![Page 15: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/15.jpg)
blogVAULT
Most reliable method
Recover from Backup
![Page 16: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/16.jpg)
blogVAULT
Not foolproof, costs money
Use Sucuri
![Page 17: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/17.jpg)
blogVAULT
Difficult Job. Don't take lightly.
Talk to an expert
![Page 18: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/18.jpg)
blogVAULT
Change Password
![Page 19: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/19.jpg)
blogVAULT
Removes existing sessions.
Change Authentication keys
![Page 20: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/20.jpg)
blogVAULT
Prevention is better than Cure
![Page 21: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/21.jpg)
blogVAULT
Update Wordpress / Plugins / Themes
![Page 22: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/22.jpg)
blogVAULT
Prevent SQL Injection attacks
Change Database Prefix
![Page 23: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/23.jpg)
blogVAULT
define('DISALLOW_FILE_EDIT', true);
Disable File Editor
![Page 24: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/24.jpg)
blogVAULT
Make Folders / Files Readonly
![Page 25: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/25.jpg)
blogVAULT
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cg
i
Prevent File Execution
![Page 26: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/26.jpg)
blogVAULT
Use SSL / Google Authenticator
![Page 27: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/27.jpg)
blogVAULT
Set Authentication Keysdefine('AUTH_KEY', 'put your unique phrase here');define('SECURE_AUTH_KEY', 'put your unique phrase here');define('LOGGED_IN_KEY', 'put your unique phrase here');define('NONCE_KEY', 'put your unique phrase here');define('AUTH_SALT', 'put your unique phrase here');define('SECURE_AUTH_SALT', 'put your unique phrase here');define('LOGGED_IN_SALT', 'put your unique phrase here');define('NONCE_SALT', 'put your unique phrase here');
![Page 28: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/28.jpg)
blogVAULT
remove admin user / hide wordpress version / ...
Security by Obscurity
![Page 29: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/29.jpg)
blogVAULT
e.g. use blogVAULT
Automatic Backups
![Page 30: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/30.jpg)
blogVAULT
What makes a good backup solution?
Complete - Database + FilesOffsite - Local backup is as good as noneRegular BackupHistory of backupTest the RestoreSecure Backup
![Page 31: WordPress security](https://reader035.vdocuments.us/reader035/viewer/2022081518/54c916cd4a7959057e8b4582/html5/thumbnails/31.jpg)
blogVAULT
Thank you
http://blogvault.net
We are Hiring!