Securing WordPress is Easier Than Making Coffee

Securing WordPress is Easier Than Making Coffee

Here are the slides for my session at Austin WordCamp 2012 entitled “Securing WordPress is Easier Than Making Coffee.” This one-hour session covered the basics of WordPress security including:

  • WordPress security statistics
  • Common attack methods
  • Prevention
  • Detection
  • Recovery


2 Replies to “Securing WordPress is Easier Than Making Coffee”

  1. It’s not ‘easy’ when a crappy plugin like Better WP Security logs you out of your own website.

    Chris, you shouldn’t be presenting yourself as an expert, when your plugins lock people out of their own sites, causing hours or even days of lost down-time.

    Plugins are supposed to make life easier. If you can’t do that, don’t release them. Sounds harsh but your crappy program has ruined my day.

  2. I’m sorry to hear to had issues but I haven’t seen any support requests as to what those issues are. As stated clearly throughout the documentation the plugin is not compatible with every configuration and as such some features need to be used with caution. I have no problem helping someone get back online if they do have a problem however all one needs to do is ask.

    I’ve been working with application security for over 10 years and specifically WordPress security for almost 3 years now and have cleaned and helped many sites along the way. That said, not all plugins are designed solely to make life “easier.” Some, like this one, are designed to enhance WordPress in ways that isn’t possible right out of the box. Yes, one-click protection is easy and will make your site more secure as promised in the documentation, however many other features contain a clear warning that they might not be appropriate on your site. Still though, I do help when folks do get in trouble, when asked, and almost all the trouble that can be caused by this plugin can be cleared within a few seconds with very few exceptions.

    Finally, Better WP Security has been downloaded over 160,000 times and is on page 2 of the highest rated plugins in This shows it is working for an awful lot of folks. There are issues, there will always be in a plugin this complex, however I’ve never yet lost a site in which the the site owner followed the directions in the plugin and I have no intention of starting now.