Understanding and applying security to your WordPress installation (Intermediate)

Be prepared! Whether you are responsible only for running a single site for yourself, or maintaining dozens for your clients, you should know how to take reasonable precautions to secure WordPress against common attacks. We will review the types of active threats that WordPress sites face, how and why a site gets targeted, and then look at a variety of techniques for improving security.

  • Some areas we will cover:
  • Access controls
  • Htaccess recipes to block specific attack types
  • Moving key WordPress files to spoil scripting
  • Obfuscation methods
  • File permissions
  • Coordinating with a web host system administrator
  • Responding to an apparent hack

The overall goal will be to make your site(s) less attractive to opportunistic exploits, and give you a better sense of how to respond before (and, if necessary, after) a security breach.

Presentation slides can be found on the speaker’s site. Notes can be found there as well.

Speaker