Website security is something that I have been paying a lot of attention to the last few months. Not because a website that I own was attacked, just because I believe it is a good practice or habit to get into.

Sarah C. Hines: WP Security – That Boring Thing Until it Matters

At WordCamp Portland 2017, Sarah talks about the fact that WordPress is one of the most used content management systems in the world. Which also, inconveniently, makes it one of the most-targeted CMS’ for hackers. You know you should keep WordPress core, plugins, and themes up-to-date, but what else can you do to protect your system?

Matthias Kurz: Absicherung von WordPress durch Zwei-Faktor-Authentifizierung mit Security-Keys

From WordCamp Berlin 2017 – Noch immer ist das WordPress-Login eines der größten Einfallstore einer WordPress-Installation. Dies ist in den meisten Fällen auf unsichere Passwörter zurückzuführen, gerade wenn mehrere Benutzer Zugang zu einer Instanz haben oder wenn der / die Administrationsaccount(s) von mehreren Menschen verwendet wird.

Adam W. Warner: WordPress Security for Beginners – Simple Steps to Build Your Master Plan

And from WordCamp Louisville 2016, Adam has this for WordPress beginners and users.

Security can seem intimidating and complex for many of us, but we shouldn’t (can’t) let that stop us from making sure we’re doing everything we can to secure our WordPress sites. After all, our websites are often part of our livelihood.

Slides for this presentation can be found HERE.