beginner wordpress security...*tutorial* secure file permissions how secure is your site if anyone...
TRANSCRIPT
![Page 1: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/1.jpg)
Beginner WordPress Security
Tips to Help Secure Your WordPress Site
WordCamp Oklahoma City, 2016#WCOKC
![Page 3: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/3.jpg)
Why Would Someone Want to Hack My Site?
![Page 4: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/4.jpg)
There are currently over 1 Billion websites on the web.
WordPress powers about 25% of them.
https://sucuri.net/website-security/website-hacked-report
![Page 5: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/5.jpg)
You’re likely not the target, WordPress is.
![Page 6: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/6.jpg)
![Page 7: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/7.jpg)
It’s not about if you get attacked, but rather how to prevent it from
being successful.
![Page 8: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/8.jpg)
If you know your passwords, they’re likely too weak.
Strong Passwords
![Page 9: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/9.jpg)
Two-Factor Authentication
Two-Factor Authentication is not a mere nuisance, it’s Real Security.
![Page 10: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/10.jpg)
Changing the SaltsSalted Keys further protect your login credentials stored in your cookies.
https://api.wordpress.org/secret-key/1.1/salt/
*tutorial*
![Page 11: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/11.jpg)
Secure File Permissions
How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are a must.
![Page 12: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/12.jpg)
Using sFTP Encryption vs FTP
The sFTP and FTP protocols both transfer data; that’s where their similarities end.
![Page 13: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/13.jpg)
FTP stands for File Transfer Protocol
sFTP stands for SSH File Transfer Protocol
FTP transfers data between two remote connections in plain text.
sFTP ensures that data is securely transferred privately with use of the SSH2 protocol.
![Page 14: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/14.jpg)
SSL (Secure Sockets Layer)
What is it? Why should I use it?
![Page 15: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/15.jpg)
SSL creates an encrypted connection between your web server and your visitors' web
browser.
![Page 16: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/16.jpg)
HTTP stands for Hyper Text Protocol
HTTPS stands for Hyper Text Protocol Secure
When using HTTP to transfer information, it’s relatively easy for a knowledgable person to intercept and view it.
When using HTTPS, if anyone is able to intercept it, they still won’t be able to decipher it because it’s encrypted.
SSLSecure Socket Layers is the security used during the transfer
while using HTTPS.
https://letsencrypt.org/
![Page 17: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/17.jpg)
![Page 18: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/18.jpg)
Maintenance
Keep WordPress Core up to date. Keep your plugins and themes up to date. Regularly update your passwords. Remove plugins, themes and users that aren't being used. ALWAYS have a recent backup.
![Page 19: Beginner WordPress Security...*tutorial* Secure File Permissions How secure is your site if anyone can view or write to your server files? It’s not. Secure file permissions are](https://reader034.vdocuments.net/reader034/viewer/2022051904/5ff5515c9d5a9e57b30896b1/html5/thumbnails/19.jpg)
SummaryUse a strong password with the help of a password manager
Two-Factor for ALL THE THINGS
Regularly change your Salts
Use secure file permissions
Use sFTP when ever possible
Use SSL on all of your sites
Please keep your site and everything on it up to date