October 1, 2025 — This panel brings together security experts to discuss how AI is changing the game for WordPress site protection – both the new risks we’re facing and the smart ways to defend against them. You’ll hear real-world insights on keeping your WordPress sites secure while making the most of AI tools that are becoming part of everyday web development.

September 30, 2025 — Automatic updates in WordPress are a safety net, ensuring that sites are always running the latest code. But for development teams working with continuous integration and delivery (CI/CD), the reality is more complicated. In this talk Tim will explore practical ways to make automatic updates safer without slowing down your workflow. From staging, checking the integrity of what’s being installed, and building automated checks into your CI/CD process to spot issues before they reach production.

December 10, 2023 — Learn security lessons through a humorous but “scary story” about a WordPress site owner Joe and his website security troubles.

September 30, 2023 — This talk explains how to make the most of the code review process.

Topics include:

– giving and receiving feedback
– focusing on the right things
– handling conflicts
– review of a real-world case study
– recommended tools and techniques

Good code reviews create a positive, collaborative culture that leads to not only better code but a happier and more productive work environment. Learn how to embrace code reviews as opportunities for improvement.

Whether you’re taking on a new project or just checking a pull request, code reviews can help with quality control, bug catching, and knowledge sharing.

April 22, 2020 — It’s a new decade and for many of us, new starts. For me this year is all about productivity and workflows. In this talk, I walk through my workflows and processes I have been optimising to keep me going as a developer, a sysadmin, and a tinkerer. From terminals, to running shoes, everything is hackable.

June 5, 2019 — Everyone should be a little bit worried about the security of their site, and at conferences, lots of security talks focus on practical steps people can take.

In this talk, Tim will flip the norms and instead focus on several real examples of sites being hacked but from the attackers perspective. We will see the whole attacks from the bad actors view identifying targets, analysing vulnerable sites, adding payload, exploiting in doing so showing how sites are infected, how some tools do prevent certain attacks and how clever and indeed not so clever bad actors can circumvent lots of hardening done.

Each step we can analyse what could have been put in place to prevent and frustrate the attack and then look at how this can be implemented on your site.

May 15, 2019 — Everyone should be a little bit worried about security of their site, and at conferences lots of security talks focus on practical steps people can take. In this talk Tim will flip the norms and instead focus on several real examples of sites being hacked but from the attackers perspective. We will see the whole attacks from the bad actors view identifying targets, analyzing vulnerable sites, adding payload, exploiting in doing so showing how sites are infected, how some tools do prevent certain attacks and how clever and indeed not so clever bad actors can circumvent lots of hardening done.

Each step we can analyze what could have been put in place to prevent and frustrate the attack and then look at how this can be implemented on your site.

April 11, 2019 — From HSTS through to CSP and almost every acronym in between security headers, are simple HTTP Headers, sent with requests from your server to the browser but they can be a valuable piece in hardening sites if implemented correctly what’s more for most of them it’s simple to do. In this talk Tim going to go through various security headers explaining how and when to use them and some of the pitfalls. It’s a journey that will take us through HTTPS and into a world where we need to consider carefully what third party content is being used.

April 4, 2019 — So we have all been to the scary WordPress security talk where Tim or someone else frightens you to death, but it’s not too dire: in those talks there is a theme beyond despair and that’s every little helps.

So this talk is low on scary tales and high on simple practical tips to improve your site’s security. On their own they might not be the silver bullet, but they all add up.

Tim will guide you through steps that anyone of any ability level can implement to improve their site security.

June 2, 2017 — Shared, VPS, Dedicated, Cloud, Dedicated PS, Dedicated Cloud, Co-lo what does any of that mean welcome to the world of hosting with its bizarre vocabulary and massive amount of marketing spin. It can often be confusing just working out what hosting companies do let alone, if their products and services are suitable for your project.

In this talk Tim will guide you through the world of hosting, looking at what the different offerings mean trying to break down the vocabulary of hosting into terms that are easy to understand. To help you find out what products and services might be right for your next site. He will go through some of the key things to look for and questions you should be asking about any products/service. Finally he will challenge some of the preconceived notions and show how in the right services free can sometime be the