Join Jeff Starr for an in-depth discussion in this video Using the exercise files, part of WordPress: Developing Secure Sites .
- [Instructor] The exercise files included with this course, provide everything you need to follow along and complete each video. If you have access, just grab a copy of the exercise files and place them on your desktop, so you can quickly open example files, code snippets and notes. If you don't have access to the exercise files, that's okay, you can still follow along, just pause the video when some code is presented, and type it out manually. This course is not too code intensive, so you should have no problems doing so. Also, in this video course, we're working with several key pieces of software.
First and foremost, for our demo site, we're using a default, self-hosted, installation of WordPress, which you can download for free at wordpress.org. There, you can find steps for the famous five-minute installation. A good idea for following along with the course is to set up your own demo site, as I have done. Next, we're using Google Chrome, which is free and ready for download at google.com. And for various parts of the tutorial, we may use Mozilla Firefox, which is available at mozilla.com.
On the other side of the browser, we're using an FTP/file-editing program, called Atom. Atom is 100% free, completely open-source, and available for download here at atom.io. When you hear me mention code editor, file editor, or FTP client, I'm referring to Atom. Of course, any FTP program and file editor will work just fine for this course. To enable Atom to connect to the server, we're using a free package called remote FTP. Installing and configuring packages for Atom is beyond the scope of this course, but feel free to check out "Learn Atom: The Basics." Also, all of the plug-ins, themes, and code featured in this course are open-source and GPL licensed.
The plug-ins and themes are freely available at the wordpress.org website. And all of the code snippets are from my own code tutorial sites, WordPress Mix. One last note before diving in, remember always to make a backup of your files and database before making any changes. That way, if something unexpected happens, you can restore previous functionality. Now, let's dive in.
- Backing up and restoring your site
- Setting up strong passwords
- Understanding users and roles
- Choosing trusted plugins and themes
- Changing and recovering passwords
- Configuring authentication keys
- Securing the login page
- Fighting spam in the comments
- Blocking access and detecting hacks
- Building a firewall for WordPress
- Detecting and blocking bots
- Auditing your WordPress security