|

WordCamp US 2019 – Securing WordPress in the age of 0-Day Vulnerabilities – Rahul Nagare

ByTim Nolte Updated on
SlidesDownload

scaledynamix.com/WCUS

0-Day Vulnerabilities

  • Recently discovered
  • No current fix
  • Already being attacked

Reference – wpvulndb.com

Why My Site?

  • They want to send your traffic somewhere else to boost SEO rank
  • They want to use your site as a “bot” to attack a targeted site.

How Do You Protect Your Site?

Protection Against Redirects

  • Hardcode your site/home URL
  • Protect your wp-config.php

Protect Against Automated Plugin Updates

  • Limit access to wp-admin, white-list admin IPs

Protect Against Code Injections

  • Block all POST requests without a valid referrer
  • Set Content-Security-Policy header

You still need to follow the standard security best practices

Technical Architect

A Christ-follower, husband, father, and WordPress Developer with Forum One.

Similar Posts

/ /

WordCamp US 2019 – Code Like A Writer – Alex Ball

ByTim Nolte Updated on
Writing Principles Punctuation Saves Lives Separate your metaphors separate your concerns making good comments Coding Principles Syntax Form – code formatting Spellcheck – code linting DRY – Don’t repeat yourself Redundant words just take up time Code is Poetry Being creative Clean and concise Doing as much as it can with as little as possible In Stories Someone Usually Dies in the End In AJAX function wp_die() at the end.
Using WordPress As My Note Taking Tool
/

Using WordPress As My Note Taking Tool

ByTim Nolte Updated on
So this past Sunday, in a continued effort to find my replacement note taking tool for Evernote, I decided to give my blog a try as a not taking tool. I have the Android app on my phone and tablet so that step made things fairly easy. For the most part things went very well, except I still don’t like the lack of Post Format editing support in the mobile app. I still had to switch over to the web to refine my final note the way I liked it to be. Did some Googling to see what other people’s experiences have been with trying this. Might have to give some of their suggestions a try as well. WordPress as a note taking tool Use…
/

WordCamp US 2019 – Thinking Remotely Through Games – Tammie Lister

ByTim Nolte Updated on
Benefits Dissolve – thought barriers Opens – creativity Types of Play Unoccupied Play – free to think on your own Independant or solitary play Onlooker play – watching others Parrallel play – same time but separate Associative play Team Context Parallel play – same task, in isolation Associative Play – co-op working Co-op Play – together as a team Game Types Constant Unoccupied play – lab-time each week Associative play – hack days Events Parrellel Play – 6up (what if what could be) / elevator pitch Co-op Play – Team shield Merged play – Retrospective Retrospective Rose / bud / thorn Fire / forge / treasure Warm Ups – opens up everyone to collaborate Sketch Photo Tips Be flexible – adapt as play Always summarize…
Tuesday Interval Training Run And Virtual 5K
/ /

Tuesday Interval Training Run And Virtual 5K

ByTim Nolte Updated on
A big shout out to Automattic for promoting the WWWP5K virtual run and matching donations to your favorite charity. #wwwp5k #HWI #Run4Water #WhyIRun #RiverBankRun Automattic matching donations: http://timn.me/wwwp5k2020 Give the gift of clean water: https://timn.me/2020HWI Also on: MastodonMastodon TwitterTwitter InstagramInstagram

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.