SlideShare a Scribd company logo

Introduction to WordPress Security

Nile Flores
Nile Flores

The document provides essential tips and advice on WordPress security, emphasizing the importance of protecting websites from random hacks, often executed by bots. Key recommendations include keeping WordPress core, themes, and plugins updated, implementing a backup strategy, using strong passwords, and utilizing security plugins. Additional resources and guidance for securing WordPress sites are also offered, targeting both novice and experienced users.

Technology
1 of 27
Downloaded 16 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
Introduction to WordPress Security By Nile Flores @blondishnet http://blondish.net
Objective ❏ Answer why security is important ❏ Basic WordPress security tips ❏ Some related general security tips that work hand-in-hand with WordPress security ❏ WordPress security plugin suggestions ❏ Resources to learn more about security
Introduction to WordPress Security
Introduction to WordPress Security
Introduction to WordPress Security
Introduction to WordPress Security
Why is WordPress security important? Your website may be your livelihood. Like getting insurance and putting an alarm on your home or car, implementing security techniques or “hardening” your site protects your investment.
Why you? It’s not about you. It’s not even about how much traffic you get. The hacks are usually with bots and done randomly.
Ways In ❏ Your Internet Service Provider/ includes Wifi ❏ Your Email ❏ Your Web Hosting Account ❏ Web Scripts/ Software (Yes, this includes WordPress)
Why do people hack? ❏ Make money ❏ Curiosity
So, how does WordPress get compromised? ❏ Brute Force through your login ❏ Theme files ❏ Plugin files ❏ WordPress core files ❏ FTP/ Cpanel/ Plesk ❏ Bot attack/ DDoS
Security is an ongoing process. Technology is always advancing, so you’re never going to be 100% secure.
HOWEVER… Remember that “insurance” part I mentioned?
#1 Piece of WordPress Security Advice ALWAYS keep your WordPress core, themes, and plugins up-to-date!
#2 Most Important Thing ALWAYS back up your website. Oh, and don’t just save the backup in one place. Store them in a couple places.
More WordPress Security Tips
Your Username Your username should never be “admin”
Your Password ❏ You should never use “password” for your password ❏ Use sites like LastPass.com to save passwords ❏ Use different passwords for different websites
Passwords (continued…) Try using a plugin that contains two-factor authentication. Clef Two-Factor Authentication is a cool one to use - http://bit.ly/1GK2OqB
WordPress Database Prefix Change your database prefix. (By default it’s wp_ )
Security Advice for Multiple Users ❏ Set their roles ❏ Don’t allow them full access to your web hosting account ❏ Remove users who are temporary tenants ❏ Don’t send their password from the WordPress admin panel
Themes ❏ Keep your theme up-to-date ❏ Consider child theming - http://bit.ly/1cjzSdt ❏ Vett your theme ❏ Remove themes that you’re not using
Plugins ❏ Keep your plugin up-to-date ❏ Vett your plugins before using ❏ Remove plugins that you’re not using
WordPress Security Plugins ❏ Brute Protect (included in Jetpack) - http: //bruteprotect.com/ ❏ iThemes Security - http://bit.ly/1cNkPpN ❏ Wordfence - http://bit.ly/1ikXHyS ❏ Sucuri Security - http://bit.ly/1He85sW
More WordPress Security Resources ❏ Codex (Hardening WordPress) - http://bit. ly/19fxUmu ❏ How to Secure Your WordPress Blog - http: //bit.ly/1dzTESE
Not code savvy? If you don’t know code and were hacked, don’t worry… there’s always someone out there that offers Hack cleanups, and also Security audit services.
Any Questions Nile Flores http://blondish.net Subscribe to my weekly newsletter! Twitter: @blondishnet Facebook: http://facebook.com/NileFlores SlideShare: http://slideshare.net/blondishnet All About WordPress group on Facebook

More Related Content

What's hot (20)

PPTX
Getting Started with Wordpress
Tom Semmes
 
PPTX
Resources and lessons for using WordPress in your business
Steven Slack
 
PPTX
Introduction to WordPress
Eunus Hosen
 
PPTX
Introduction to WordPress
Craig Bailey
 
KEY
WordPress for Beginners | WordCamp Birmingham
Brian Krogsgard
 
PPTX
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
ResellerClub
 
PDF
The Child Theme Dilemma (EN) - Milano Edition
Torsten Landsiedel
 
PPTX
How to Clear WordPress Cache?
HTS Hosting
 
PPTX
Web development
Nikhil Charde
 
PDF
Empathetc Development
Kyle Evans
 
PPTX
WordPress Basics
Kyrie Tompkins
 
PPTX
WordCamp Denmark Keynote
Frederick Townes
 
PPTX
WordCamp Netherlands Keynote
Frederick Townes
 
PDF
WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017
Bhushan Jawle
 
PDF
Introduction to WordPress
Tanzeel Ahmad Mujahid
 
KEY
Word press 3 @ wordcamp
Tris Hussey
 
PPTX
Wp frameworks- WordCamp KTM #10
Suman Maharjan
 
PDF
From simple html to Wordpress
Steffen Muldbjerg
 
PDF
Wordpress CMS tutorial and guide manual
Ralph Francis Cue
 
PPT
Intro to WordPress Child Themes
vegasgeek
 
Getting Started with Wordpress
Tom Semmes
 
Resources and lessons for using WordPress in your business
Steven Slack
 
Introduction to WordPress
Eunus Hosen
 
Introduction to WordPress
Craig Bailey
 
WordPress for Beginners | WordCamp Birmingham
Brian Krogsgard
 
Ctrl+F5 Bangalore 2017: Super charge you word press website by Justin Thomas
ResellerClub
 
The Child Theme Dilemma (EN) - Milano Edition
Torsten Landsiedel
 
How to Clear WordPress Cache?
HTS Hosting
 
Web development
Nikhil Charde
 
Empathetc Development
Kyle Evans
 
WordPress Basics
Kyrie Tompkins
 
WordCamp Denmark Keynote
Frederick Townes
 
WordCamp Netherlands Keynote
Frederick Townes
 
WordPress Security : What We Learnt When We Were Hacked : WordCamp Mumbai 2017
Bhushan Jawle
 
Introduction to WordPress
Tanzeel Ahmad Mujahid
 
Word press 3 @ wordcamp
Tris Hussey
 
Wp frameworks- WordCamp KTM #10
Suman Maharjan
 
From simple html to Wordpress
Steffen Muldbjerg
 
Wordpress CMS tutorial and guide manual
Ralph Francis Cue
 
Intro to WordPress Child Themes
vegasgeek
 

Viewers also liked (20)

PPTX
PSD to WordPress
Nile Flores
 
PDF
Making Money Using WordPress
Nile Flores
 
PDF
How Blogging Can Benefit Your Business
Nile Flores
 
PDF
WordPress Custom Post Types
Nile Flores
 
PDF
How to Make the Most out of Yoast SEO
Nile Flores
 
PDF
Design and Development Techniques for Accessibility: WordCamp Tampa 2015
Robert Jolly
 
PDF
Miglioriamo le performance di wordpress
GGDBologna
 
PPTX
Using Curated Content in WordPress - Why and How
Adam W. Warner
 
PPT
Wordpress para seus Clientes
Thiago Simões (Ted k')
 
PPTX
Creating and Managing Content on Your WordPress Site
Kelly Henderson
 
PDF
Cain & Obenland — Episode 4
Konstantin Obenland
 
PDF
Power Up Your Non-Profit Website With WordPress
Raymund Mitchell
 
PPTX
Social SEO For Business
Digital Strategy Works LLC
 
PPTX
Build your website before you install wordpress.
Russell Aaron
 
PPTX
Reno-Tahoe WordCamp 2011 - WordPress End User Security - Dre Armeda
Dre Armeda
 
PDF
WordCamp Nashville: Clean Code for WordPress
mtoppa
 
PDF
Categories, Tags, Custom Post Types! Oh My!
sprclldr
 
KEY
A house with no walls: Creating a site structure for the future
Gizmo Creative Factory, Inc.
 
PPTX
Work, Life, Blog Balance
Alicia Murray
 
PDF
WordPress Community: Choose your own adventure
Andrea Middleton
 
PSD to WordPress
Nile Flores
 
Making Money Using WordPress
Nile Flores
 
How Blogging Can Benefit Your Business
Nile Flores
 
WordPress Custom Post Types
Nile Flores
 
How to Make the Most out of Yoast SEO
Nile Flores
 
Design and Development Techniques for Accessibility: WordCamp Tampa 2015
Robert Jolly
 
Miglioriamo le performance di wordpress
GGDBologna
 
Using Curated Content in WordPress - Why and How
Adam W. Warner
 
Wordpress para seus Clientes
Thiago Simões (Ted k')
 
Creating and Managing Content on Your WordPress Site
Kelly Henderson
 
Cain & Obenland — Episode 4
Konstantin Obenland
 
Power Up Your Non-Profit Website With WordPress
Raymund Mitchell
 
Social SEO For Business
Digital Strategy Works LLC
 
Build your website before you install wordpress.
Russell Aaron
 
Reno-Tahoe WordCamp 2011 - WordPress End User Security - Dre Armeda
Dre Armeda
 
WordCamp Nashville: Clean Code for WordPress
mtoppa
 
Categories, Tags, Custom Post Types! Oh My!
sprclldr
 
A house with no walls: Creating a site structure for the future
Gizmo Creative Factory, Inc.
 
Work, Life, Blog Balance
Alicia Murray
 
WordPress Community: Choose your own adventure
Andrea Middleton
 
Ad

Similar to Introduction to WordPress Security (20)

PPTX
WordPress End-User Security
Dre Armeda
 
PDF
Word press security checklist
Sanjay Dabhoya
 
PDF
Secure wordpress
Prabesh Thapa
 
PDF
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
StuartJDavidson.com
 
PPTX
WordPress security
Shelley Magnezi
 
PDF
WordPress Security Basics
Ryan Plas
 
PPT
WordPress Setup and Security (Please look for the newer version!)
Michael Carnell
 
PDF
I Have My WordPress Site Now What?
Michele Butcher-Jones
 
PPTX
Word press security 101 2018
Laura Hartwig
 
PPTX
Securing your WordPress website - New Port Richey WP Meetup
Oyster Bay Marauders LLC
 
PDF
Security, more important than ever!
Marko Heijnen
 
PDF
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
Acodez IT Solutions
 
PPTX
Simple Ways to Secure and Maintain Your WordPress Website
Rich Plakas
 
PPTX
Protect Your WordPress From The Inside Out
SiteGround.com
 
PPTX
How To Lock Down And Secure Your Wordpress
Chelsea O'Brien
 
PDF
WordPress Security Best Practices 2019 Update
Zero Point Development
 
PPTX
WordPress Security - WordPress Meetup Copenhagen 2013
Thor Kristiansen
 
PDF
Word press beirut 9th meetup march
Fadi Nicolas Zahhar
 
PDF
Responsible [digital] Home Ownership
Denise (Dee) Teal
 
ODP
WordPress Security - Kulpreet Singh
guest4fe370
 
WordPress End-User Security
Dre Armeda
 
Word press security checklist
Sanjay Dabhoya
 
Secure wordpress
Prabesh Thapa
 
WORDPRESS SECURITY: HOW TO AVOID BEING HACKED
StuartJDavidson.com
 
WordPress security
Shelley Magnezi
 
WordPress Security Basics
Ryan Plas
 
WordPress Setup and Security (Please look for the newer version!)
Michael Carnell
 
I Have My WordPress Site Now What?
Michele Butcher-Jones
 
Word press security 101 2018
Laura Hartwig
 
Securing your WordPress website - New Port Richey WP Meetup
Oyster Bay Marauders LLC
 
Security, more important than ever!
Marko Heijnen
 
RUNNING A SECURITY CHECK FOR YOUR WORDPRESS SITE
Acodez IT Solutions
 
Simple Ways to Secure and Maintain Your WordPress Website
Rich Plakas
 
Protect Your WordPress From The Inside Out
SiteGround.com
 
How To Lock Down And Secure Your Wordpress
Chelsea O'Brien
 
WordPress Security Best Practices 2019 Update
Zero Point Development
 
WordPress Security - WordPress Meetup Copenhagen 2013
Thor Kristiansen
 
Word press beirut 9th meetup march
Fadi Nicolas Zahhar
 
Responsible [digital] Home Ownership
Denise (Dee) Teal
 
WordPress Security - Kulpreet Singh
guest4fe370
 
Ad

More from Nile Flores (16)

PDF
Practical SEO for WordPress Bloggers
Nile Flores
 
PDF
Make Money with WordPress for Bloggers
Nile Flores
 
PDF
Social Media 101 for WordPress
Nile Flores
 
PDF
Google Quality Guidelines 101 for WordPress Bloggers
Nile Flores
 
PDF
Troubleshooting WordPress
Nile Flores
 
PDF
How You Can Contribute to WordPress
Nile Flores
 
PDF
Basic Plugin Recommendations to get your WordPress Website Started
Nile Flores
 
PDF
Podcasting for WordPress
Nile Flores
 
PDF
WordPress SEO: Getting Back to the Basics
Nile Flores
 
PPTX
Typography for WordPress
Nile Flores
 
PPT
WordPress for business
Nile Flores
 
PDF
Avoiding Bloggers Block
Nile Flores
 
PPTX
Introduction to Wordpress Theme Development
Nile Flores
 
PPT
Rocking Out Your Site With WordPress
Nile Flores
 
PPT
Setting Up your WordPress Site like a Pro
Nile Flores
 
PPTX
WordPress Tools and Tips for any Niche
Nile Flores
 
Practical SEO for WordPress Bloggers
Nile Flores
 
Make Money with WordPress for Bloggers
Nile Flores
 
Social Media 101 for WordPress
Nile Flores
 
Google Quality Guidelines 101 for WordPress Bloggers
Nile Flores
 
Troubleshooting WordPress
Nile Flores
 
How You Can Contribute to WordPress
Nile Flores
 
Basic Plugin Recommendations to get your WordPress Website Started
Nile Flores
 
Podcasting for WordPress
Nile Flores
 
WordPress SEO: Getting Back to the Basics
Nile Flores
 
Typography for WordPress
Nile Flores
 
WordPress for business
Nile Flores
 
Avoiding Bloggers Block
Nile Flores
 
Introduction to Wordpress Theme Development
Nile Flores
 
Rocking Out Your Site With WordPress
Nile Flores
 
Setting Up your WordPress Site like a Pro
Nile Flores
 
WordPress Tools and Tips for any Niche
Nile Flores
 

Recently uploaded (20)

PDF
TrustArc Webinar - Data Privacy Trends 2025: Mid-Year Insights & Program Stra...
TrustArc
 
PDF
Français Patch Tuesday - Juillet
Ivanti
 
PDF
Predicting the unpredictable: re-engineering recommendation algorithms for fr...
Speck&Tech
 
PDF
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
PDF
The Builder’s Playbook - 2025 State of AI Report.pdf
jeroen339954
 
PPTX
WooCommerce Workshop: Bring Your Laptop
Laura Hartwig
 
PDF
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
PPTX
Building a Production-Ready Barts Health Secure Data Environment Tooling, Acc...
Barts Health
 
PPTX
Building and Operating a Private Cloud with CloudStack and LINBIT CloudStack ...
ShapeBlue
 
PPTX
Building Search Using OpenSearch: Limitations and Workarounds
Sease
 
PDF
Women in Automation Presents: Reinventing Yourself — Bold Career Pivots That ...
DianaGray10
 
PPTX
UiPath Academic Alliance Educator Panels: Session 2 - Business Analyst Content
DianaGray10
 
PDF
Rethinking Security Operations - SOC Evolution Journey.pdf
Haris Chughtai
 
PDF
Blockchain Transactions Explained For Everyone
CIFDAQ
 
PPTX
Top iOS App Development Company in the USA for Innovative Apps
SynapseIndia
 
PDF
Impact of IEEE Computer Society in Advancing Emerging Technologies including ...
Hironori Washizaki
 
PPT
Interview paper part 3, It is based on Interview Prep
SoumyadeepGhosh39
 
PDF
Chris Elwell Woburn, MA - Passionate About IT Innovation
Chris Elwell Woburn, MA
 
PDF
Wojciech Ciemski for Top Cyber News MAGAZINE. June 2025
Dr. Ludmila Morozova-Buss
 
PDF
Windsurf Meetup Ottawa 2025-07-12 - Planning Mode at Reliza.pdf
Pavel Shukhman
 
TrustArc Webinar - Data Privacy Trends 2025: Mid-Year Insights & Program Stra...
TrustArc
 
Français Patch Tuesday - Juillet
Ivanti
 
Predicting the unpredictable: re-engineering recommendation algorithms for fr...
Speck&Tech
 
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
The Builder’s Playbook - 2025 State of AI Report.pdf
jeroen339954
 
WooCommerce Workshop: Bring Your Laptop
Laura Hartwig
 
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
Building a Production-Ready Barts Health Secure Data Environment Tooling, Acc...
Barts Health
 
Building and Operating a Private Cloud with CloudStack and LINBIT CloudStack ...
ShapeBlue
 
Building Search Using OpenSearch: Limitations and Workarounds
Sease
 
Women in Automation Presents: Reinventing Yourself — Bold Career Pivots That ...
DianaGray10
 
UiPath Academic Alliance Educator Panels: Session 2 - Business Analyst Content
DianaGray10
 
Rethinking Security Operations - SOC Evolution Journey.pdf
Haris Chughtai
 
Blockchain Transactions Explained For Everyone
CIFDAQ
 
Top iOS App Development Company in the USA for Innovative Apps
SynapseIndia
 
Impact of IEEE Computer Society in Advancing Emerging Technologies including ...
Hironori Washizaki
 
Interview paper part 3, It is based on Interview Prep
SoumyadeepGhosh39
 
Chris Elwell Woburn, MA - Passionate About IT Innovation
Chris Elwell Woburn, MA
 
Wojciech Ciemski for Top Cyber News MAGAZINE. June 2025
Dr. Ludmila Morozova-Buss
 
Windsurf Meetup Ottawa 2025-07-12 - Planning Mode at Reliza.pdf
Pavel Shukhman
 

Introduction to WordPress Security

  • 1. Introduction to WordPress Security By Nile Flores @blondishnet http://blondish.net
  • 2. Objective ❏ Answer why security is important ❏ Basic WordPress security tips ❏ Some related general security tips that work hand-in-hand with WordPress security ❏ WordPress security plugin suggestions ❏ Resources to learn more about security
  • 7. Why is WordPress security important? Your website may be your livelihood. Like getting insurance and putting an alarm on your home or car, implementing security techniques or “hardening” your site protects your investment.
  • 8. Why you? It’s not about you. It’s not even about how much traffic you get. The hacks are usually with bots and done randomly.
  • 9. Ways In ❏ Your Internet Service Provider/ includes Wifi ❏ Your Email ❏ Your Web Hosting Account ❏ Web Scripts/ Software (Yes, this includes WordPress)
  • 10. Why do people hack? ❏ Make money ❏ Curiosity
  • 11. So, how does WordPress get compromised? ❏ Brute Force through your login ❏ Theme files ❏ Plugin files ❏ WordPress core files ❏ FTP/ Cpanel/ Plesk ❏ Bot attack/ DDoS
  • 12. Security is an ongoing process. Technology is always advancing, so you’re never going to be 100% secure.
  • 14. #1 Piece of WordPress Security Advice ALWAYS keep your WordPress core, themes, and plugins up-to-date!
  • 15. #2 Most Important Thing ALWAYS back up your website. Oh, and don’t just save the backup in one place. Store them in a couple places.
  • 17. Your Username Your username should never be “admin”
  • 18. Your Password ❏ You should never use “password” for your password ❏ Use sites like LastPass.com to save passwords ❏ Use different passwords for different websites
  • 19. Passwords (continued…) Try using a plugin that contains two-factor authentication. Clef Two-Factor Authentication is a cool one to use - http://bit.ly/1GK2OqB
  • 20. WordPress Database Prefix Change your database prefix. (By default it’s wp_ )
  • 21. Security Advice for Multiple Users ❏ Set their roles ❏ Don’t allow them full access to your web hosting account ❏ Remove users who are temporary tenants ❏ Don’t send their password from the WordPress admin panel
  • 22. Themes ❏ Keep your theme up-to-date ❏ Consider child theming - http://bit.ly/1cjzSdt ❏ Vett your theme ❏ Remove themes that you’re not using
  • 23. Plugins ❏ Keep your plugin up-to-date ❏ Vett your plugins before using ❏ Remove plugins that you’re not using
  • 24. WordPress Security Plugins ❏ Brute Protect (included in Jetpack) - http: //bruteprotect.com/ ❏ iThemes Security - http://bit.ly/1cNkPpN ❏ Wordfence - http://bit.ly/1ikXHyS ❏ Sucuri Security - http://bit.ly/1He85sW
  • 25. More WordPress Security Resources ❏ Codex (Hardening WordPress) - http://bit. ly/19fxUmu ❏ How to Secure Your WordPress Blog - http: //bit.ly/1dzTESE
  • 26. Not code savvy? If you don’t know code and were hacked, don’t worry… there’s always someone out there that offers Hack cleanups, and also Security audit services.
  • 27. Any Questions Nile Flores http://blondish.net Subscribe to my weekly newsletter! Twitter: @blondishnet Facebook: http://facebook.com/NileFlores SlideShare: http://slideshare.net/blondishnet All About WordPress group on Facebook