|

WordCamp US 2019 – Securing WordPress in the age of 0-Day Vulnerabilities – Rahul Nagare

ByTim Nolte Updated on
SlidesDownload

scaledynamix.com/WCUS

0-Day Vulnerabilities

  • Recently discovered
  • No current fix
  • Already being attacked

Reference – wpvulndb.com

Why My Site?

  • They want to send your traffic somewhere else to boost SEO rank
  • They want to use your site as a “bot” to attack a targeted site.

How Do You Protect Your Site?

Protection Against Redirects

  • Hardcode your site/home URL
  • Protect your wp-config.php

Protect Against Automated Plugin Updates

  • Limit access to wp-admin, white-list admin IPs

Protect Against Code Injections

  • Block all POST requests without a valid referrer
  • Set Content-Security-Policy header

You still need to follow the standard security best practices

Technical Architect

A Christ-follower, husband, father, and WordPress Developer with Forum One.

Similar Posts

Not A Good First Impression of WordPress 5.9 Fresh Install
|

Not A Good First Impression of WordPress 5.9 Fresh Install

ByTim Nolte
Looks like they had better roll out the 5.9.1 patch ASAP. #WordPress #5.9 #bugs #FirstImpressions
| | | |

WordPress Meetup 3/21/19

ByTim Nolte
Show & Tell WPRig – Morten Rand-Hendrickson (to be next guest speaker) Bold Grid Cloud WordPress Repo Testing – WordPress Theme/Plugin Tester Poopy.Life – Temporary WordPress Installs BrowserStack – Website/Browser Testing Service Grav – Static Site CMS Statamic – Static Site Generator Hugo – Static Site Generator Strattic – Static Site Generator for WordPress Caldera…
|

WordCamp US 2019 – Just Enough React for WordPress – Shannon Smith

ByTim Nolte
New Block Editor Discover the Possibilities Block templates Blocks instead of custom fields, shortcodes, etc How Does the New Block Editor Work? Uses React, JavaScript/JSX Blocks are like plugins There is a Core Layer & Editorial Layer React abstraction is built-in Cool Stuff Blocks can be reusable Backend Workflow-only blocks Block level locking – you…
|

WordCamp US 2019 – Technical SEO Checklist: How to Optimize a WordPress Site for Search Engine Crawlers – Pam Aungst

ByTim Nolte
Why SEO is Important For search engines Why Technical SEO is Super Important Search Engines: Crawl / Index / Rank If technical SEO isn’t working search engines can’t crawl/index/rank. Visitors wont’ find your site. The Ultimate SEO Checklist Basic/Traditional Items Domain & CMS Run by a well designed platform Meta Robots Search Engine Visibility checkbox…

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)