April 17, 2019 — The session will introduce best practices of website security and how to implement them.

The goal is to help webmasters effectively identify and reduce risks or website compromise.

April 11, 2019 — From HSTS through to CSP and almost every acronym in between security headers, are simple HTTP Headers, sent with requests from your server to the browser but they can be a valuable piece in hardening sites if implemented correctly what’s more for most of them it’s simple to do. In this talk Tim going to go through various security headers explaining how and when to use them and some of the pitfalls. It’s a journey that will take us through HTTPS and into a world where we need to consider carefully what third party content is being used.

April 4, 2019 — So we have all been to the scary WordPress security talk where Tim or someone else frightens you to death, but it’s not too dire: in those talks there is a theme beyond despair and that’s every little helps.

So this talk is low on scary tales and high on simple practical tips to improve your site’s security. On their own they might not be the silver bullet, but they all add up.

Tim will guide you through steps that anyone of any ability level can implement to improve their site security.

April 3, 2019 — You can’t just install a couple of security plugins and call it a day when it comes to safeguarding your WordPress website. Plugins are a great start. The door to your website now has a lock on it. But how about adding a dead bolt? A door chain? A peep hole? Titanium reinforcement? A pet dragon hiding inside? Plugins help with the 5th layer of security. Did you know there are 4 more layers that you are most likely not protecting? Huh? Did he say 4 more? Come learn how to safeguard the other 4 layers so that even with the best of plugins, you drastically reduce your (and your client’s) chances of getting hacked. Just as you would add layers of security to protect your home and family, your WordPress security needs a multi layered approach. Come learn how to build a wall, a moat, and some additional lookout towers to keep the bad guys away from your castle. Oh, and dragons? We’ll talk about them too, if we have time.

March 28, 2019

March 18, 2019 — Trop souvent, on associe la sécurité à l’utilisation d’un plugin (ex. iThemes Security, WordFence, etc) ou d’un service (ex : Sucuri, Cloudflare). Par contre, sans être mauvaises, ces options créent un faux sentiment de sécurité. Durant ma présentation, je présenterai les bonnes pratiques et différentes alternatives pour assurer la sécurité et l’intégrité de votre présence sur le Web. Que ce soit du petit blogue ou du site d’une PME en grande croissance, vous pourrez y trouver votre compte. Nous regarderons les différentes options technologiques existantes et tenterons de démystifier quelques mythes au passage.

March 4, 2019 — You have your SSL certificate and the green padlock in the address bar. You’re done. Your website is secure. Right? No? Huh? Whadda I need to do? Let’s take a walk past the Let’s Encrypt cloak of security and see what you really need to do to help secure your website from the dangers of the public interwebs. No programming needed. A little common sense, a plugin or two and you are well on your way to securing your site. It takes is a few straightforward steps to eliminate almost all of the security vulnerabilities in the basic setup of your WordPress website.

Presentation Slides »

February 26, 2019 — You know security is important and want your site to be secure, but what will actually help? There’s so much information to be found on securing your site, but what are the myths and what actually helps? Find out how to avoid the myths and implement real security.

February 2, 2019 — As someone who builds WordPress websites for clients, you’ve probably learned that offering (or requiring) monthly maintenance contracts is smart business. It’s likely you’re including core software, plugin and theme updates as part of your maintenance plan, which ensures a steady income stream you can rely on and helps with your financial forecasting. But are you including website security as part of your project proposal and scope?

The security of your clients’ websites is often not a priority or is left till the end of a project (or sale?) as an optional add-on for the client to consider after going live. The value of a strong website security posture can be difficult to explain to clients, but when put in the context of their business and possible loss of revenue, it can become an integral part of your offering that separates you from the rest.

In this session, Adam will cover simple website security best practices that you can implement immediately for your own site and those of your clients. In addition, he’ll also offer advice and examples on how to best present the importance of website security during the proposal, scope, and maintenance package stages to your clients. Not only does this ensure your maintenance plans offer what every website needs, but also presents an additional revenue stream opportunity for your business.

February 1, 2019 — Panel: WordPress Security