Level Up Your WordPress Security

I had an amazing time speaking and networking at the #WPCampus Event in Buffalo this past weekend.  I was fortunate to be able to share some insight on the realm of Security, and make it (hopefully) more than a fruitless, confusion quest.

First of all, here are my slides:

And now, the caveats/prologues:

  • I had someone reach out on Twitter and mention that the 56% was too low of a number to spend so much time on. We’ve since connected and expounded on that, but the biggest thing I want to mention is that this is a talk from the perspective of the WordPress user/administrator.  There are TONS of other ways that someone can hack into your website, and a lot of them have nothing to do with your code:
    • Social Engineering – people playing fast and loose with user information that protects their password identity
    • A 3rd party hack – Website A gets hacked, and since the passwords were stored incorrectly there that allows the hacker to gain access to Website B through the same password.
    • Bad Passwords – dictionary attacks on passwords that are just plain bad can be brute-forced and overcome in a few minutes (unless you disallow access based on failed password attempts!)
  • A lot of attendees explained that they don’t have a lot of control over the server-side of things. That’s fine – that’s why I positioned it like I did (as something that’s innate, but that you may not have a lot of sway over). That’s why the site-specific stuff is so important. It allows you to do something to prevent baddies from gettting in.
  • There are more items coming out nearly daily, which is why the external resources and information gathering is so important. Education on a problem means you know what to look for and how to fix it!

Thanks to everyone that came to the sessions – I hope I was able to teach something, and that you come away knowing even a tiny bit more about security than you did when you came in!

Continue Reading...

Contact/Hire Mitch

Want to book Mitch for a speaking event at your business or church?

Or does your business or project need some amazing design / development muscle?

Use the form below!


Don’t worry - your information is safe with us! We dont’ sell it, and we don’t like people who do!

Please only contact Mitch related to speaking engagements, projects, or personal messages.

NO SPAM EMAILS, PLEASE!