September 25, 2016 — Logan takes the audience through the structure of a WordPress site’s security posture, dispelling common misconceptions and elaborating on perceived security overlaps. The session explains the differences between plugin-based security and external solutions, as well as how they best work together. In easy-to-understand terms, Logan also touches on basic hosting configuration best practices and security control spheres. Whether just getting started in WordPress or a seasoned developer, this talk has something for every WordPresser.

September 13, 2016 — I speak about different aspects of WordPress security and hardening. We’ll discuss how to protect your WordPress website against different attacks, I’ll show you different tools and services which will help you with hardening your website.
Ongoing maintenance isn’t less important: we’ll learn how to monitor and backup your website securely and efficiently.

Presentation Slides »

September 8, 2016 — Jede/r, der/die Verantwortung für eine Webanwendung übernimmt sollte ein gewisses Grundverständnis von den Services haben, welche sie/er bei Hosting-Diensleistern einkauft. Zu diesem Grundverständnis beizutragen ist Ziel dieser Session.

Es geht in der Session um diverse Spannungsfelder, die sich meiner Meinung nach immer nur mit Kompromissen lösen lassen. Bezüglich Flexibilität und Verfügbarkeit der Website kann man vllt. etwas kompromissbereiter sein, als bei der Sicherheit. Aber da es niemals absolute Sicherheit geben kann, muss man leider auch bei der Sicherheit mit Kompromissen leben. Dies gilt insbesondere für Software, deren Aufgabe es ist, rund um die Uhr (24h pro Tag, 7 Tage die Woche) für jeden Nutzer im Internet erreichbar zu sein.

Presentation Slides »

August 26, 2016 — The basics on hardening your WordPress application and best security practices.
The importance of Strong passwords, Two-Factor, secure file permissions and using SFTP encryption.
The basics on hardening the install by changing Salts, removing username admin and the admin ID of 1.
The importance of maintaining backups and updates.

Presentation Slides »

August 25, 2016 — We will be discussing basic things a you can do secure your site with minimal technical knowledge. What to do in case it does get hacked. How to backup and restore your website.

Presentation Slides »

August 19, 2016 — Learn how to lock down your WordPress website so that you become less of a target for hacking, defacement, or data theft. Using freely available tools, you’ll find out how to thwart cyber attacks and build trust with your visitors.

Take aways:

Becoming less of a target for hackers.
Hardening WordPress websites with security plugins.
Other tools and tips for website security.

Presentation Slides »

August 9, 2016 — Using real examples of exploits reported in themes and plugins, Tim will be discussing steps you can take to improve the security of your WordPress site. If you’re a developer or theme designer, you can learn from other’s mistakes and make sure you don’t repeat them. However, it’s not just developers – security is for everyone so Tim will cover practical tips to help anyone keep their site nice and safe.

August 9, 2016 — This talk is designed to break down website security at it’s most fundamental level and understand that there is no 100% solution out there, there never will be. Security is about technology, processes, and people, and we need to know how to mitigate risk in these areas.

The talk will cover:

Hosting and how it plays a role in website security
Understanding what a Firewall actually protects
Dispelling the myth of “why would anyone hack me?”
Different types of online threats (external and internal)
WordPress security essentials (Passwords, updates, user roles, backups, etc.)
DIY tools to help mitigate risk and improve your online posture
Resources for staying informed
If you own or manage a website, whether it’s an ecommerce store, a blog, or just a simple marketing site, you need to know how to keep it protected and become a responsible steward of the world wide web!

Presentation Slides »

August 1, 2016 — I løbet af ca. 20 minutter gennemgår vi hvorfor du bør sikre dit WordPress site og hvordan du med enkle midler kan sikre dit WordPress site.

Vi vil overordnet gennemgå de elementer din online strategi skal indholde, for at sikre dit indhold – og som virksomhed: Din forretning.

Du går fra oplægget med værktøjer til at gå i gang og få sikret din WordPress side allerede samme eftermiddag.

July 29, 2016 — 昨今、WordPressのシェアにより日本を含む世界中のWordPressが攻撃の危険性に晒されています。
実際多くのWebサイトが改ざんなどの被害にあっていると報道されています。

このような報道と同時にWordPressが危ないのではないかという話題まであがりました。
そんなことは無いはずです！WordPress は安全に運用することによってきっと守ることができるはずです。
この思いを胸に、WordPressの攻撃を収集し分析し続けました。

このセッションでは、私たちが収集した攻撃情報を基に、

・WordPressを使いたいけどセキュリティが漠然と心配！
・WordPressを提案したいけどセキュリティが理由で躊躇している！
・プラグインやテーマを作ってみたけど、これって大丈夫か心配！

とはいえ時間をかけたくないという開発者・運営者の方々に向けて、
WordPressサイトを、なるべくシンプルな手法で安全に保つ方法を解説します。

Presentation Slides »