Vladimir Smitka: WordPress through the bad guys’ glassed

Continue the discussion

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Published

December 30, 2019

Vladimír will give a 10-minute preview of common but not often-mentioned mistakes he saw during security scans of WordPress sites, specifically: Username and email leaking, full path disclosures, accessible backups, open .git repositories and DoS capable endpoints. He will also provide tips on how to reduce risks, where it is worth restricting access, how to enable Bcrypt password hashing and 2FA, and what configuration directives you need to check.

Rate this:

Event

WordCamp Europe 2019 41

Speakers

Vladimír Smitka 6

Tags

security 279

Language

English 8884

Download
MP4: Low, Med, High
OGG: Low
Subtitles
Subtitle this video →
Producer
%d bloggers like this: