October 20, 2020 — This year has been a year like no other, challenging each of us to rethink how we work, play, relate and create in our community and our lives. To think of thriving in such uncertain times seems like a challenge in and of itself. As digital creators using WordPress, we have an empowering foundation available to not only create security for ourselves, but also for those we connect with. Though the times might be uncertain, our capabilities and tools aren’t. By staying focused on our purpose as creators, we can find our way to thrive and stay secure no matter what is happening around us.
July 11, 2020 — In this talk, we’ll discuss the importance of the SPF, DKIM, and DMARC email security protocols and how to use them to help prevent phishing and spam email. Without these protocols in place, other people may be sending emails under your domain name or even manipulating the content of your emails.
June 16, 2020 — 開場白與講者自介 什麼是網路爬蟲
進行過濾爬蟲的優點與缺點 伺服器端的防禦機制 應用程式面的防禦機制 免費安全外掛介紹 – WP Shieldon 與會夥伴現場互動 開放提問
June 16, 2020 — 本主題將針對使用 VPS 自架站的人提出一些基本的網站安全性檢測與防範，包含 WordPress 資訊隱藏、目錄權限設定、Security Header 檢測與設定、.htaccess 安全性設定、簡易的自動化備份流程等等，希望在自架站的同時，也能對於基本的資安知識有所瞭解。 接著也會介紹網站被駭之後的處理方式，包含網站復原、重新提交網頁漏洞檢測報告(Sucuri、McAfee)，避免被防毒軟體當作惡意網站阻擋。
April 22, 2020 — I’ll start by trying to convince folks why they should be considering the subject of security testing in relation to their WordPress sites. Assuming I’ve managed to convince you why, then I’ll move onto showing you just how anyone can use Kali (don’t worry, I’ll explain what Kali is!) as a tool for doing some basic security testing with a minimal learning curve to get started. This is being aimed at the novice level in terms of ‘security people’ but very inclusive in terms of anyone who is part of the WordPress community.
December 31, 2019 — We all take shortcuts sometimes. Whether you were swamped with client work and a corner had to be cut, or you’re stretched so thinly trying to wear every hat that something fell through the cracks, we’ve all encountered mistakes we made ourselves. While they’re mostly all forgivable, it becomes a bit of a different issue when a mistake leads to a security concern. In this talk we’ll look at three common security mistakes made by WordPress site owners every day, why they get made in the first place, and how to resolve them.
December 30, 2019 — Security is hard. And scary. And oh so confusing. But it doesn’t have to be that way. With WordPress, the basics are built in and you’re a simple checklist away from hardening your WordPress site like a pro. In this session, Todd will use plain english, entertaining stories and an all encompassing top 10 list to take you from newbie to knowledgeable in less than an hour.
December 19, 2019 — Malicious activity is an unfortunate reality when maintaining a web presence today. Most people involved in the web industry know someone who encountered the aftermath of a disruptive attack–if they haven’t themselves. Because of this, awareness of security best practices is at an all-time high. To many, though, it may not be clear exactly why these measures are important.
To remedy that, we’ll be taking a practical look at what’s actually happening when a website gets attacked, as well as discussing the hows and whys along the way. From understanding why small sites still get hacked, to why password reuse is really as bad as everyone says, we’ll explore the rationale behind the security principles you’re always being told to follow.
November 10, 2019 — Sometimes the bad guys get in, despite all the protections and precautions. If that happens, there are many techniques that can be used to stop further damage, track down what the intruder did and how they got in. Finally the site needs to be cleaned up and re-opened for visitors. In this talk the most important techniques are presented along with real-life examples when they were used.