*/ /*-->*/ Perhaps you've heard the news surrounding "secure" websites? A secure site is better for your users. Their data (and yours) is safer. Google adds new rules all the time that could affect your search engine ranking. Luckily, most hosts offer an easy way to turn HTTPS on. You could even get a free SSL certificate through Let's Encrypt.
Sometimes, the very conventional wisdom that’s supposed to solve a problem can make it worse. Spreading butter on a burn can trap in the heat. Blowing on a skinned knee can introduce infection. In so many cases, what we think we know keeps us from doing what will actually help. The internet is full of conventional wisdom about WordPress security. Too often, these myths not only fail to help, they can create a false sense of security that leaves your site vulnerable. The most serious security concerns may be what you don’t know you don’t know.
WordPress security is a continuum. It takes a sustained effort to keep moving your site toward the secure end of the spectrum. How safe your site is ultimately comes down to your organization’s culture of security, and how well you follow security best practices.
Today, clients are starting digital projects with a leg up. Back in the day (insert old-timer music and a slight groan…), most clients had never done a web project. Today they attend conferences, read blogs, and research technology. They are out there learning and taking their investment seriously; and I love it! Of course no matter how much one prepares, it doesn’t substitute for hands-on experience. That holds true especially for the emerging practice of content strategy.
Let’s start with the bad news: If you have a WordPress site, you’re in the crosshairs for malicious attacks. WordPress is the most popular CMS in the world. That makes it a tempting target. Now the good news: WordPress core is inherently secure. There’s never been a major exploit in the most recent version of the core.
The weakest link in any security system is the human element. The most expensive alarm system won’t protect your house if you forget to activate it. The strongest deadbolt is useless if left unlocked. And, of course, the most robust, unhackable password might as well be “Password1” if it’s written on a Post-It attached to your monitor.
Girl Develop It is a nonprofit organization that exists to provide affordable and judgment-free opportunities for women interested in learning web and software development. Through in-person classes and community support, Girl Develop It helps women of diverse backgrounds achieve their technology goals and build confidence in their careers and their everyday lives.
Much of my day to day work as an ACE at Pantheon is spent confirming that certain development workflow tasks are possible on the platform. Lately, my preferred way of showing that something is possible—and stays possible—is by writing an automated test.
Imagine the safest bank vault ever designed. It’s got 10-foot walls of solid concrete lined with foot-thick steel. The door alone weighs 20 tons, able to withstand everything short of a nuclear blast. The locking mechanism combines face recognition, fingerprinting, retinal scanning, DNA testing, and a randomly generated password that changes every five minutes. It’s the most secure place on earth. Now imagine the door is standing wide open.