Tag Archives: ServerBuddy by PluginBuddy

June 2010 Handout: WordPress Security Basics

Things change rapidly in the WordPress world. The content in this post is more than a year old and may no longer represent best practices.

Sources for the Presentation

Sallie’s Security Bookmarks (updated regularly)

Protecting WordPress from the Inside Out (a brilliant presentation by Syed Balkhi)

Hardening WordPress (the original Codex article)

WordPress Security Presentation by Brad Williams (from WordCamp Montreal 2009)

Top 5 WordPress Security Tips You Probably Don’t Follow (WordPress Tavern Guest Post)

Keeping Your Self-Hosted WordPress Blog Secure (by Marcelo Lewin)

How to Improve Basic Security on a Fresh WordPress Install (Weblog Tools Collection)

More Plugins for Securing Your WordPress Install (Weblog Tools Collection)

WordPress Security Monitoring and Diagnosis (Weblog Tools Collection)

Latest WordPress Hacks: It’s Your Responsibility (Mark.Watero.us)

Security Plugins

AntiVirus (An A-V program just for WordPress)

Automatic WordPress Backup (Backs your WP files and DB to Amazon S3)

Secure WordPress (Conflicts with WordPress Firewall)

ServerBuddy by PluginBuddy (Checks for security flaws and plugin compatibility)

Theme Authenticity Checker (Checks for spam links in your themes)

WordPress Database Backup (Scheduled or manual backups of your WP database)

WordPress Exploit Scanner (Checks for signs that you’ve been hacked. Results can be confusing to non-geeks)

WordPress File Monitor (E-mails you every time a file has been changed)

WordPress Firewall (Blocks suspected attacks; conflicts with Secure WordPress)

WordPress Security Scan (Scans for file permissions; lets you change WP table prefix)

June 2010 Meetup Slides: WordPress Security Basics

Things change rapidly in the WordPress world. The content in this post is more than a year old and may no longer represent best practices.

April 2010 Meetup Notes: WordPress Q & A

Things change rapidly in the WordPress world. The content in this post is more than a year old and may no longer represent best practices.

Anet wants to carpool from the North Bay to WordCamp on May 1st. If you’re planning to drive down from that area, contact her at anetdunne [at] gmail [dot] com.

Sepehr wants to work on Hybrid theme framework – Linda Shum has experience with this and offers to talk to him after the meetup.

Darren asks about child themes. There’s a nice updated article in the Codex (http://codex.wordpress.org/Child_Themes), but basically a child theme is a way to customize a theme without changing the original theme files, so when the theme is updated, you don’t lose your customizations. Lori’s presentation shows us a child theme of twentyten, the new default theme for WordPress 3.0.

Linda wants to know about using jQuery in WordPress; she’s had some trouble with it. Anca does too—Bill has a link from Digging into WordPress: http://digwp.com/2009/06/including-jquery-in-wordpress-the-right-way/, and adds that you should read the comments.

We talk a bit about security and about hosting, which are related topics right now because of the so-called Pharma Hack that’s going around. Sallie has a collection of bookmarks on WordPress security at http://delicious.com/authorizer/wordpress+security. Regarding this particular hack, you should check your file permissions. There’s a plugin to help you do this called ServerBuddy by PluginBuddy.com (http://wordpress.org/extend/plugins/serverbuddy-by-pluginbuddy/). It will check your file and folder permissions and will also (as a bonus) tell you whether the fabulous BackupBuddy plugin will run on your site. (You have to pay for that one, but if you’re a developer who has to migrate sites a lot, you’ll find it’s worth it.)

Speaking of hosts, good choices for WordPress hosting are Bluehost, HostGator, and Liquid Web. (Anca and Lori are both Liquid Web resellers.) There’s also a new service called Page.ly that will handle your backups and updates in addition to hosting your WP site, for $14.99/month.

We will hold a future meetup on the topic of security, and if we don’t find an expert to speak on the subject, Anca and Sallie (the backup expert) and Lou Anne will do it together. Meanwhile, if you want to know more about backup plugins for WordPress, see http://www.fileslinger.com/tags/wordpress/).

Sepehr asks about plugins for making your archives more interesting. Sallie suggests the Snazzy Archives plugin, which puts all of your archives on one page.

clip_image002

Darren asks about improvements to the Custom Fields interface; Trish says she knows of a good plugin, Custom Field Template.

The winner of this month’s book drawing (for Sams Teach Yourself WordPress in 10 Minutes) was Valerie Fahs-Thatcher. We’ll be keeping an eye out for your Amazon review, Valerie, and I hope the book is helpful.

Announcements

Anca’s WordPress class at TechLiminal starts Monday, April 19th. If you want to learn more about WordPress, sign up at http://techliminal.com/learn-2-wordpress/.

The WordPress Bay Area Foothills (that’s the South Bay) Meetup, run by Lou Anne McKeefery and Ann Zerega, meets this Wednesday evening at the Milpitas Library. The speaker is Alex King from the WP Help Center. RSVP at http://www.meetup.com/Wordpress-Bay-Area-CA-Foothills/. (This month you can attend by telephone.)

The Bay Area (meaning San Francisco) WordPress Meetup, in a fit of bad planning, also scheduled its meeting for Wednesday, April 21. They’re talking about “totally awesome plugins and themes.” You can RSVP at http://www.meetup.com/wordpress-sf/.