The Toolbox, Inc
  • Facebook
  • Twitter
  • Youtube
  • Rss
  • Home
  • Events and Workshops
    • Web Development Workshops
      • Developing Your Website Plan Workshop
      • Beginners WordPress Workshop
      • Intermediate WordPress Workshop
      • WordPress SEO Workshop
    • Digital Marketing Workshops
      • Content Marketing – Building an Effective Marketing Strategy
      • Agile Marketing and Social Media Monitoring
      • Digital Marketing – Creating Content
      • Digital Marketing – Promoting Content
    • Calendar
  • About
    • Technology for Small Business
    • Toolbox Directors
    • Giving Back to the Community
    • Contact
  • Professional Resource Directory
    • Join the Directory
  • News
    • Social Media Marketing
    • Web Development
    • Tech Day Camp 2012

WordPress Security

Posted on September 12, 2014 by Tom Beach in News, Web Development
Home» News » WordPress Security
WordPress Security

With close to 23 percent of the web now running on WordPress, WordPress Security is becoming increasingly important. This video of Jesse Friedman’s (from BruteProtect) presentation “WordPress Security” at Boston WordPress Meetup covers several areas of concerns.

Jesse starts with 2 myths about WordPress Security:

1. Almost Everybody thinks that they are free from attach and not vulnerable. Websites, regardless of size, are attacked all the time

2. WordPress is not secure. WordPress core is completely secure, insecurities come when you add to it – i.e. plugins, widgets, etc. The number one place to be aware of is your password.

It’s important to accept that you will never be 100% secure. Attacks can come from your service provider, bad ftp security and a host of other places.

The most common type of attacks are:

1. Pharma/Affiliate

2. Link Injection

3. Hacktivism

4. Drive-by downloads

5. Redirection

6. Botnet Attacks

Botnet attacks are the most common. Hackers run a script to log into your site without care of what kind of site it is. To access your account they attempt to figure out your username and password. Once that is done they can unleash malicious code or what ever it is that they are trying to do. To help secure your site, make sure you are using a very secure password! For WordPress Security you can change the url of your admin page so that it’s harder to even find the page to login in the first place.

Direct attacks are the other thing that you need to worry about. You should be aware of your weakness and have a plan for them.

Here are some areas to be aware of for direct attacks on:

1. Public WiFi

2. FTP

3. Hosting environment

4. Plugins (active & inactive)

5. Themes (active & inactive)

6. Keep core up to date.

Some of the Basic Protections for WordPress Security can use are:

1. Keep core up to date

2. Keep Plugins up to date

3. Keep Themes up to date

4. Only use plugins you trust

5. Don’t give people more access than they need

6. Don’t send your passwords through email

Jesse goes on to give more suggestions and recomendations. It’s a great presentation on WordPress Security.

 

 

Comments are closed.

News

  • WordPress Security
  • 2 events with QCI
  • Slides for WordCamp Boston – Plugins talk 8/23/14
  • 10 Apps to Make Working Easier
  • Content Marketing Strategy
  • PodCamp Western Mass – WordPress Plugins & Security
  • Creating on the Fly Video & Video Ads
  • Optimizing Your Site With Analytics and Testing
  • Implementing Agile Marketing
  • The Role of Agile in Creating a World-Class Marketing Team

Sign up for Tech Day Camp News and Updates

* = required field

(c) 2014 The Toolbox, Inc