Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Transcript of Wordpress Security
it's not just Wordpress. As breaking your door is not the only way to take your money.
0. Workstation Security
There are forums to sell wp-admin and joomla admin by the thousands (antichat.ru). Secure admin e-mail (gmail + 2 factor auth), updates, non-cracked OS/Software, etc.
Secure WP Install
prefix, password, username, secret key generator, change admin ID via phpmyadmin (and uninstall phpmyadmin from your VPS after that).
Shared hosting? Security?
Keepass PasswordX 2.x
VPS security: fail2ban & logwatch, logwatch | less
IN CASE SHIT: proper forensic log preservation: compress /var/log, copy the archive, work with the copy.
Plugins: trial and error, but:
2. http://wordpress.org/extend/plugins/wp-dbmanager - not just for backups. It's a red flag for MySQL vulnerabilities.
3. 2 factor auth.
4. hide ALL directories, ban ALL the offenders FOREVER. boatload of plugins for that.
$20/mo if you can afford it
by Alexander Sverdlov - http://nopasara.com