‘security’ Videos

  • Adam Warner: 360 Degrees of Security – Setting Standards for Your Websites and Yourself

    WordCamp Dayton 2018Speaker: Adam Warner

    November 30, 2020 — In this session, Adam addresses the “big picture” of personal and website security and breaks down the fundamental tasks needed for a strong security plan online. He provides an actionable checklist on what audience members can implement immediately to better secure themselves online in addition to their WordPress websites.

    After attending this session, audience members will have a better understanding of personal security online and how it affects website security as a whole, as well as steps they can take to mitigate risk in the future.

  • Ashish Kalsi: Best Practices for Securing Your Site

    WordCamp Denver 2019Speaker: Ashish Kalsi

    November 4, 2020 — With new threats constantly emerging, how can website owners protect themselves and their business? In this session we will cover this crucial topic for SEOs and share several demos of these threats, plus how they can be prevented. Find out what Google is seeing in hacking trends, Google’s view on what HTTPS does (and doesn’t do), and how to best address a hacked site.

    Attendees will learn how to protect against SQL injection attacks, sanitize user generated input, and come away with other practical tips that can immediately be implemented to secure their sites.

  • Frank Schmittlein, Marc Nilius: Web Application Firewalls (WAFs)

    WordPress Meetup NürnbergSpeakers: Frank Schmittlein, Marc Nilius

    July 17, 2020 — Die Sicherheit von WordPress-Websites ist ein beliebtes Thema. Interessanterweise geht es dabei häufig um viele Einstellungen und “Security by Obscurity”, echte Sicherheit wird damit nicht hergestellt.

    Alternativ gibt es “Web Application Firewalls” (WAFs), die (je nach Ausprägung) einen tatsächlichen und relevanten Schutz vor Angriffen bieten.

    Marc Nilius stellt die verschiedenen Arten von WAFs sowie deren Vor- und Nachteile vor und gibt einen Einblick, worauf man bei der Konfiguration und beim Einsatz achten muss.

  • Akshat Choudhary: An Analysis of 100+ Hacked Sites

    WordCamp Denver 2020Speaker: Akshat Choudhary

    July 11, 2020 — In this talk, I will be sharing the best strategies to secure a site based on my analysis of 100+ hacked sites. I’d give the audience a walkthrough of the logs of the hacked sites and decode the weak points and the method used to hack the sites. I will then explain the different ways one can protect a WordPress site from hacks. This would range from using existing firewall and security plugins to adding custom rules on the backend.
    WordPress Security at its very core is constantly evolving. As hackers constantly find new ways to exploit, it’s imperative to stay dynamic and be prepared for the worst. I believe that understanding how hackers are hacking a site can go a long way in protecting it. Over the last 10 years, I’ve dealt with more than 200,000 hacked sites. I’d like to use my learning from them to push people to identify their site’s weak points and hopefully be a catalyst to them taking security more seriously.

  • Chris Teitzel: Secure your site by becoming a hacker!

    WordCamp Europe 2020Speaker: Chris Teitzel

    June 19, 2020 — Keeping your site secure is difficult, and often times knowing where to start is the hardest step. With terms and acronyms like cross site scripting (XSS), cross site request forgery (CSRF) and others, it’s hard to know just what to do to keep your site secure.
    Sometimes the best way to know how to protect a site is to hack one yourself! In this talk we’ll all join forces and become hackers for a short time to hack a live site and learn just what these various attacks are. Most importantly, we’ll also discuss how to protect your site from being exploited.

  • Terry Lin: 網路爬蟲與 WordPress 防禦機制 / Anti-scraping and WordPress Security Defence

    WordCamp Taipei (台北) 2019Speaker: Terry Lin

    June 16, 2020 — 開場白與講者自介 什麼是網路爬蟲
    — 搜尋引擎
    — 大數據收集
    — 網路服務商
    — 盜文採集、垃圾流量網站
    — 隨機弱點掃描、網路攻擊目標搜集
    進行過濾爬蟲的優點與缺點 伺服器端的防禦機制 應用程式面的防禦機制 免費安全外掛介紹 – WP Shieldon 與會夥伴現場互動 開放提問

    Presentation Slides »

  • John Lu: WordPress 基本安全性檢測與防範方式 / WordPress Security Check and How to Prevent Them

    WordCamp Taipei (台北) 2019Speaker: John Lu

    June 16, 2020 — 本主題將針對使用 VPS 自架站的人提出一些基本的網站安全性檢測與防範,包含 WordPress 資訊隱藏、目錄權限設定、Security Header 檢測與設定、.htaccess 安全性設定、簡易的自動化備份流程等等,希望在自架站的同時,也能對於基本的資安知識有所瞭解。 接著也會介紹網站被駭之後的處理方式,包含網站復原、重新提交網頁漏洞檢測報告(Sucuri、McAfee),避免被防毒軟體當作惡意網站阻擋。

    Presentation Slides »

  • Alfonso Frachelle: No voy a hablar de seguridad

    WordCamp Montevideo 2018Speaker: Alfonso Frachelle

    May 29, 2020 — ¿Por qué y cómo debo asegurar mi WordPress? Alfonso Frachelle nos muestra las mejores práctica para que tu sitio web hecho en WordPress no tenga brechas de seguridad.

  • Fast alles zum Thema WordPress Sicherheit

    WordPress Meetup PotsdamSpeaker: Bernhard Kau

    May 14, 2020 — Bernhard erklärt in seiner Session zum Thema “(Fast) Alles zum Thema Sicherheit” worauf es ankommt. Die drei wichtigsten Aspekte: Updates, Backups und ein starkes Passwort.
    Weitere Sicherheitsaspekte die möglich sind, beschreibt Bernhard als optional oder gar unnötig.

    Presentation Slides »

  • Nigel Pentland: Security testing – outside looking in

    WordCamp Glasgow 2020Speaker: Nigel Pentland

    April 22, 2020 — I’ll start by trying to convince folks why they should be considering the subject of security testing in relation to their WordPress sites. Assuming I’ve managed to convince you why, then I’ll move onto showing you just how anyone can use Kali (don’t worry, I’ll explain what Kali is!) as a tool for doing some basic security testing with a minimal learning curve to get started. This is being aimed at the novice level in terms of ‘security people’ but very inclusive in terms of anyone who is part of the WordPress community.