Website Security

The Big Picture with Simple Steps to Take

WordCamp Atlanta, 2017
Slides: https://adcwp.me/wcatl2017

Security is Scary

Or is it?

Types of Attacks

  • Brute Force
  • SQL Injection (SQLi)
  • Cross Site Scripting (XSS)
  • Cross-site Request Forgery (CSRF)
  • Inclusion Vulnerabilities (LFI and RFI)
  • Directory Traversal
  • Far FAR too many to list

Drastically Improve Security

With a Little Effort
and
Some Smart Decisions

Choose a Quality Host

Choose Quality Software

Plugins & Themes, as well as on your computer

Use a Password Manager

Makes it easier to have long, random, unique passwords everywhere.

Lastpass or 1Password are great options

Two Factor Auth

Add to WordPress using iThemes Security Pro or Two Factor

Use with Authy, Google Authenticator, or LastPass Authenticator

SSL

It’s not if you get attacked, but rather how you prevent it from being successful.

Gerroald Barron

Make it Hard on Them

  • Choose a Good Host
  • Choose Good Software
  • Use a Password Manager
  • Use Two Factor Authentication
  • SSL

 

See? Easy!

Q & A

 

Aaron D. Campbell – @AaronCampbell
GoDaddy

Slides: https://adcwp.me/wcatl2017

This presentation is running on WordPress using the Presenter plugin