Topic: WordPress End-User Security
Basic information security principles to consider before you start a WordPress driven site, and a run at the top 10 WordPress security tips.
Dre is a 12 year Navy veteran with experience in multiple technical disciplines. He’s a WordPress fanatic with a love for security. Dre created his first WordPress theme in 2005 and has since contributed to WordPress core, and is organizing the first WordCamp San Diego. After his Navy days, Dre held various leadership positions in the tech start-up world including companies such as Applied Watch Technologies, and Secure-i Inc.
Dre is a Certified Information Systems Security Professional (CISSP) and is the founder of CubicTwo.com & Sucuri.net.
Great question Phil. Yes, in fact, I would argue that out of the box WordPress is very secure. It also has a great security team behind it when security issues arise, like any software.
My session covered things to consider even before you install WordPress. For example, how do you connect to your network or when uploading files, are your passwords strong, who do you host with, etc.
Security scales well beyond just updating your software, and that goes for any software you use online.
You can check out my slides here – http://dre.im/wordpress-end-user-security-orange-county-wordcamp-2011/
Have a great evening!
~Dre
Post like these scares me. Ain’t WP safe as it is when you download it from the site. I was always under the impression that if you kept it updated it would be safe.. am I wrong?