January 6, 2016 — Prevention is the key to plugin vulnerabilities! Learn what to look for in your own code to help safeguard from potential issues. A step-by-step guide will be provided on how to avoid vulnerabilities and make your code more secure. With the generosity of popular plugin authors, we will review some recent vulnerabilities found, share how they fixed the problems and discuss the best methods for getting the word out about your plugin once it’s been securely updated. Yes, there will be code.
December 14, 2015 — Are you doing all you can before your website becomes accessible to billions of people? This talk is an overview of major elements to take into account before launching a successful WordPress website. Topics discussed include functionality, responsiveness, search engine optimization, speed, security, and backups.
December 11, 2015 — Last November, The New York Times challenged news sites to fully support HTTPS in 2015. What does it mean to meet that challenge? This session will discuss the problems we encountered moving to HTTPS (and how we solved them). We’ll then give you hands-on help with anything you need: server configuration, certificates, mixed-content warnings, CDNs — even ads, analytics and A/B tests.
December 11, 2015 — Earlier this year, we released a bug fix for one of the most complex and severe security issues WordPress has ever had – the Trojan Emoji bug. (So good it got its own name!)
In this talk, we’ll take a look at the initial report, reconstruct how we got to the eventual solution, and discuss what we learned along the way.
December 11, 2015 — WordPress is one of the most, if not the most, recognized website platform available in the market. Dominating over 25% of the market, it’s no surprise that it’s the preferred technology by marketers, sales professionals, small and large business alike, and those intent in nefarious actions.
It’s popularity is often attributed to it’s flexibility, usability and of-course, community. With all the positive though, there is and continues to be an overarching security shadow that gets introduced into every conversation.
In this presentation, we look to educate and bring awareness to the real challenges the platform faces when it comes to security. We will also dispel rumors and myths, while providing a realistic, objective, overview of the current state of security affairs in the WordPress ecosystem.
The web is a constantly evolving domain, making even the most skilled security professionals faint at the idea of staying ahead of the latest and emerging threats. We will provide perspective, and educate the masses around the things that really matter and the things being done to improve the online experience for millions.
December 7, 2015 — You always think it will never happen to you but when it does, it’s all hands on deck. My personal site was almost hacked and since then I actively looked at what I could improve. During this talk I will talk what I had before and show all the improvements I made since then. It will be a mixed of using using the existing tools and my own creation in managing my sites.
November 27, 2015 — A quick overview of managing WordPress from a systems administration perspective – installation, hardening, updating, backup and restore. I’ll spend some time discussing some of the security concerns inherent to a WordPress installation, including how to deal with spam, hostile crawlers and brute-force attacks.
November 22, 2015 — 継続的に行われるサイバー攻撃によって WordPress が狙われる例も少なくはありません！
本セッションでは WordPress に特化した攻撃を収集する独自ツールから得られた情報をもとに、