• Home
  • About Mitch
  • Speaking
  • Articles
  • Contact
  • Home
  • About Mitch
  • Speaking
  • Articles
  • Contact

Digital Strategist

WordPress Developer

Content Creator

Unapologetic Punk

Mitch Canter

  • X
  • Bluesky
  • GitHub
  • Twitch
  • YouTube
  • LinkedIn
Conferences, Security

Level Up Your WordPress Security

CMDR Mitchcraft

Reading time: 2 minutes

I had an amazing time speaking and networking at the #WPCampus Event in Buffalo this past weekend.  I was fortunate to be able to share some insight on the realm of Security, and make it (hopefully) more than a fruitless, confusion quest.

First of all, here are my slides:

https://www.slideshare.net/studionashvegas/level-up-your-wordpress-security

And now, the caveats/prologues:

  • I had someone reach out on Twitter and mention that the 56% was too low of a number to spend so much time on. We’ve since connected and expounded on that, but the biggest thing I want to mention is that this is a talk from the perspective of the WordPress user/administrator.  There are TONS of other ways that someone can hack into your website, and a lot of them have nothing to do with your code:
    • Social Engineering – people playing fast and loose with user information that protects their password identity
    • A 3rd party hack – Website A gets hacked, and since the passwords were stored incorrectly there that allows the hacker to gain access to Website B through the same password.
    • Bad Passwords – dictionary attacks on passwords that are just plain bad can be brute-forced and overcome in a few minutes (unless you disallow access based on failed password attempts!)
  • A lot of attendees explained that they don’t have a lot of control over the server-side of things. That’s fine – that’s why I positioned it like I did (as something that’s innate, but that you may not have a lot of sway over). That’s why the site-specific stuff is so important. It allows you to do something to prevent baddies from gettting in.
  • There are more items coming out nearly daily, which is why the external resources and information gathering is so important. Education on a problem means you know what to look for and how to fix it!

Thanks to everyone that came to the sessions – I hope I was able to teach something, and that you come away knowing even a tiny bit more about security than you did when you came in!

Hacking, Security, WPCampus
  • Your Next Block Theme: WDS-BT

    Your Next Block Theme: WDS-BT

    Reading time: 1 minute

    One of the things I love about working at WebDevStudios is that we don’t hoard our knowledge like dragons. If we find a great way of doing something in WordPress, we do the best we can to find a way to get it in the hands of other developers, users, and even other agencies that…

    WordPress
  • BlogInfo – One Tag with a Whole Lot of Awesomeness

    BlogInfo – One Tag with a Whole Lot of Awesomeness

    Reading time: 1 minute

    One of the most versitile tags in my arsenal that WordPress gives me is a fun little tag called <?php bloginfo(); ?>.  By itself, it’s not much fun, but when you add in a variable, it can tell you anything you need to know about your blog.  Like what, you ask? name description admin_email url…

    WordPress