Website Security

The Big Picture with Simple Steps to Take

WordCamp Europe 2016 Logo

WordCamp Europe, 2016
Slides: https://adcwp.me/wceu2016

Aaron D. Campbell

Aaron D. Campbell – http://AaronDCampbell.com/
aaron@ithemes.com – @AaronCampbell
http://profiles.wordpress.org/aaroncampbell/

Security is Scary

Or is it?

Types of Attacks

  • Brute Force
  • SQL Injection (SQLi)
  • Cross Site Scripting (XSS)
  • Cross-site Request Forgery (CSRF)
  • Inclusion Vulnerabilities (LFI and RFI)
  • Directory Traversal
  • Far FAR too many to list

Drastically Improve Security

 

With a Little Effort
and
Some Smart Decisions

Choose a Quality Host

Choose Quality Software

Plugins & Themes, as well as on your computer

Use a Password Manager

Makes it easier to have long, random, unique passwords everywhere.

Lastpass or 1Password are great options

Two Factor Auth

Add to WordPress using iThemes Security Pro or Two Factor

Use with Authy, Google Authenticator, or LastPass Authenticator

It’s not if you get attacked, but rather how you prevent it from being successful.

Make it Hard on Them

  • Choose a Good Host
  • Choose Good Software
  • Use a Password Manager
  • Use Two Factor Authentication

 

See? Easy!

Q & A

Aaron D. Campbell – http://AaronDCampbell.com/
aaron@ithemes.com – @AaronCampbell
http://profiles.wordpress.org/aaroncampbell/

Slides: https://adcwp.me/wceu2016

This presentation is running on WordPress using the Presenter plugin

https://adcwp.me/wceu2016