WordCamp LA 2014

KISS Security

Keep it Smart, Silly!

Created for WordCamp Los Angeles 2014


Mika Epstein

aka Ipstenu


  • Support Forum Moderator
  • Plugin Reviewer
  • Core Contributor
  • Beta Tester
  • Trainer
  • ... Half Elf


  • WordPress Specialist
  • ... and Manager
  • WordPress Trainer
  • De-Hacker
  • Dedicated WP Resource
  • ... Half Unicorn


"My mother is one of the few people I know who has almost completely conquered the will to be stupid."

Miles Vorkosigan on his mother, Cordelia Naismith Vorkosigan
Brothers in Arms by Lois McMaster Bujold


Dilbert relating to a date how the internet is dangerous

Credit: Dilbert - Jan 11, 1996

Over-Exaggerated Myths

Sign that reads 'Danger: Falling Ice'
  • Upgrade or be hacked
  • You must use a security plugin
  • You have to hide the version of the code you use
  • Be afraid of plugins and themes!
  • Strong passwords or die!

The Tripod Theory

Shadow of a man with a camera on a tripod, standing on a golf course

Website Security relies on three legs:

  1. Your Webhost (server)
  2. Your software's developers (WordPress)
  3. YOU (everything else)

See Also: Hack'n'slash Security

Educate Yourself

carving of people thinking
  • Read
  • Listen
  • Ask questions
  • Think
  • Be aware

Practical Tips

  • Is the developer active?
  • What ELSE do they do?
  • Are all their answers super technical?
  • Do they speak/write your native language?
  • How often is the code updated?

Trust Your Gut

A cautious cat looking behind itself.



My tech blog: https://halfelf.org

These slides: https://slides.halfelf.org/wcla2014