Upload
michele-butcher
View
502
Download
0
Embed Size (px)
Citation preview
• WordPress Specialist, Site Cleaner, and Trainer for WP Security Lock
• WordPress Evangelist for InMotion Hosting
• Geek behind Can’t Speak Geek
• Beginners and Intermediate WordPress Instructor
Michele Butcher
If you are writing your own content, be comfortable with
the dashboard when you make the decision to do it alone.
Ask for tutorials or search the web to learn before you try to do it alone.
The first thing to remember is that if you do not click save
at the end, it did not happen.
Save and save often
• Always save to someplace OTHER than your server
• Save them to Dropbox, AWS, email, or your local machine
• Have them scheduled to be made daily or at least weekly
Backup and backup often!
Updates are important!Update core. Update themes update plugins!
The biggest reasons of updates is typically security or feature related.
The biggest source of nearly all hacks is due to lack of updating.
When you see the little red circle beside the Dashboard button means
you have updates needing to be done
Always make a backup before you update for safe measures.
When it comes to updating if you use Envato products (ThemeForest and
CodeCanyon) always check the box in the downloads to be notified of updates.
That is the only way you will know if any of their products need to be updated.
This is why the RevSlider infection was so widespread. Many did not even know the plugin was built into their theme.
It is more important to secure all the things BEFORE something happens!
Many have yet to learn this!Every single day hackers find new ways to get your information.
Todays features are tomorrow’s vulnerabilities.
Stop them before they stop you
• They guess your login information
• Denial of Service Attack (DDoS)
• Through a file in a theme, plugin, or anything on your server where they found an exploit
• Through your FTP and/or cPanel configuration
How do they get in?
Never ever never use “admin” as a username or “password” as
password on any of the things. NEVER!!!!
Any questions?
Adm1n and Pa55w0rd do not count either!
Only give users the access they need
Just because they want to be an admin does not mean they should.
Guest bloggers should rarely every be anything more than a contributor.
Sometimes they do not need access to all the things
If it is a temporary login, delete the user when they are done
doing all of their thingsIf they do have posts, you can convert them to different users
or make them a subscriber with limited access.
Set up file detection to make sure nothing ever
sneaks in.Many security plugins like iThemes Security and
WordFence will alert you when files have been changed
• iThemes Security (Free and Pro version
• Sucuri Firewall
• WordFence Security
• Jetpack with Brute Protect and Vault Press
Security Plugins I recommend
Only keep the plugins and themes you have active on
your site.An uninstalled plugin or theme is not a potential vulnerability.
Use the plugins repo favorites option to keep a list of your favorite plugins
Malware Scanning? Do I need it?
• Google Webmaster Tools
• Sucuri Scanner (Built in iThemes Security now)
• VirusTotal
If you feel your site could be infected, first do a malware scan. There are also plugins that can scan your site manually.
Do your due diligence when looking at new themes and plugins. Do not pick one just because it is shiny and pretty.
Do not add every theme you think is pretty when you decide to change a theme.
Only keep the theme you are using and one backup theme on your site.
The more themes that are on a site, the more open chances you have to a vulnerability
Don't ever let your site get too lonely.
No one knows your website better than you do. Check on the front end just as much as your backend.
If you have questions take to the web
There are many resources you have at your fingertips that can help you do more with your website.
• codex.WordPress.org • WordPress forums for themes, plugins, and core • Twitter • Facebook • Third Party websites
Back everything up and back it up often!
No one wants to lose their information stored on their computer.
Bitcasa Caronbinte External Harddrives