Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
WordCamp for Publishers 2017
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
emaildano
August 18, 2017
Technology
610
2
Share
WordCamp for Publishers 2017
emaildano
August 18, 2017
More Decks by emaildano
See All by emaildano
Shifter オンラインミートアップ ザ・ホワイトベルト!
emaildano
0
900
Lift and Shift WordPress to the Jamstack
emaildano
1
170
Crash Course on Static WordPress in ~5 minutes (or less)
emaildano
0
82
Developing with WordPress, the JAMstack way
emaildano
2
2.1k
3 things I believe in and why I joined DigitalCube
emaildano
0
3.9k
The Future is SaaS
emaildano
0
100
Let's Build a Better WordPress @ WordCamp NYC 2018
emaildano
0
160
On Demand Dev with Docker + WordPress @ WordCamp Europe 2018
emaildano
0
720
Serverless PHL - March 2018
emaildano
0
400
Other Decks in Technology
See All in Technology
プラットフォームエンジニアリングの実践 - AWS コンテナサービスで構築する社内プラットフォーム / AWS Containers Platform Meetup #1
literalice
1
160
20260423_執筆の工夫と裏側 技術書の企画から刊行まで / From the planning to the publication of technical book
nash_efp
3
400
研究開発部メンバーの働き⽅ / Sansan R&D Profile
sansan33
PRO
4
23k
マルチエージェント × ハーネスエンジニアリング × GitLab Duo Agent Platformで実現する「AIエージェントに仕事をさせる時代へ。」 / 20260421 GitLab Duo Agent Platform
n11sh1
0
160
目的ファーストのハーネス設計 ~ハーネスの変更容易性を高めるための優先順位~
gotalab555
8
2.2k
自立を加速させる神器 - EMOasis #11
stanby_inc
0
140
Revisiting [CLS] and Patch Token Interaction in Vision Transformers
yu4u
0
360
All About Sansan – for New Global Engineers
sansan33
PRO
1
1.4k
最近の技術系の話題で気になったもの色々(IoT系以外も) / IoTLT 花見予定会(たぶんBBQ) @都立潮風公園バーベキュー広場
you
PRO
1
240
No Types Needed, Just Callable Method Check
dak2
1
1.2k
AzureのIaC管理からログ調査まで、随所に役立つSkillsとCustom-Instructions / Boosting IaC and Log Analysis with Skills
aeonpeople
0
230
「誰一人取り残されない」 AIエージェント時代のプロダクト設計思想 Product Management Summit 2026
mizushimac
0
120
Featured
See All Featured
Designing Experiences People Love
moore
143
24k
Ecommerce SEO: The Keys for Success Now & Beyond - #SERPConf2024
aleyda
1
1.9k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.8k
Bridging the Design Gap: How Collaborative Modelling removes blockers to flow between stakeholders and teams @FastFlow conf
baasie
0
510
Git: the NoSQL Database
bkeepers
PRO
432
67k
Reflections from 52 weeks, 52 projects
jeffersonlam
356
21k
Leo the Paperboy
mayatellez
7
1.7k
ラッコキーワード サービス紹介資料
rakko
1
3.1M
Practical Orchestrator
shlominoach
191
11k
Why You Should Never Use an ORM
jnunemaker
PRO
61
9.8k
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
davidcarrasco
3
110
Building a Scalable Design System with Sketch
lauravandoore
463
34k
Transcript
Daniel Olson @emaildano
Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano
Daniel Olson @emaildano Daniel Olson I develop WordPress SaaS products
on AWS
Daniel Olson @emaildano Alternative Hacks WordPress Security from the Outside
Looking In
Daniel Olson @emaildano Why Care? About WordPress Security
Daniel Olson @emaildano Client Responsibility Why Care?
Daniel Olson @emaildano User Responsibility Why Care?
Daniel Olson @emaildano Personal Responsibility Why Care?
Daniel Olson @emaildano Sh*t Happens Learn from your mistakes
Daniel Olson @emaildano Old Habits Die Hard
Daniel Olson @emaildano Secure Secure
Daniel Olson @emaildano Approach security as a design problem and
less of a technical problem
Daniel Olson @emaildano sourcemaking.com @sourcemaking
Daniel Olson @emaildano Workflow
Daniel Olson @emaildano Workflow Find that weak link and fix
it
Daniel Olson @emaildano Workflow Lobby for the right fix Not
the quick fix
Daniel Olson @emaildano Workflow Lobby for the right fix Not
the quick fix (But compromise)
Daniel Olson @emaildano AntiPattern - SourceMaking - “commonly occurring solution
to a problem that generates decidedly negative consequences”
Daniel Olson @emaildano Design Pattern - SourceMaking - “An approach
to a solution to a commonly occurring problem that’s repeatable and is not a finished design”
Daniel Olson @emaildano Workflow ⇣ AntiPattern ⇣ Design Pattern
Daniel Olson @emaildano Workflow Versioning Release Candidates for Personal Micro
Improvements
None
Daniel Olson @emaildano A Few Ideas
Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design
Pattern
Daniel Olson @emaildano Disaster Plans Discuss them, early and often
Daniel Olson @emaildano Disaster Plans Total Data Loss Client or
Customer Data Hack Unexpected downtime
Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design
Pattern
Daniel Olson @emaildano Disaster Plans No Plan Partial Backup File
only no config No SLA
Daniel Olson @emaildano No Plan?
Daniel Olson @emaildano No Plan? Get one
Daniel Olson @emaildano Partial Backups
Daniel Olson @emaildano Partial Backups Backup efficiently, not aggressively
Daniel Olson @emaildano – Someone “If your data is in
one place, it’s no place.”
Daniel Olson @emaildano Files only no config
Daniel Olson @emaildano Files only no config 12 factor app
principles
Daniel Olson @emaildano The Twelve Factor App 12factor.net
Daniel Olson @emaildano – III. Config — The 12 Factor
App “Apps sometimes store config as constants in the code. This is a violation of twelve-factor, which requires strict separation of config from code. Config varies substantially across deploys, code does not.”
Daniel Olson @emaildano No SLA
Daniel Olson @emaildano No SLA Define who’s responsable for what
Broad and Narrow
Daniel Olson @emaildano Hosting Workflow – AntiPattern – Design Pattern
Daniel Olson @emaildano Web Hosting Find the right fit
Daniel Olson @emaildano Web Hosting Hammered with bot traffic Secure
Connections Recovery, Scaling, Automation
Daniel Olson @emaildano Bot Traffic Put your server to work
and serve static 404s with NGINX, Apache, or .htaccess
Daniel Olson @emaildano Secure Connections
Daniel Olson @emaildano Secure Connections Limit IPs and ports Force
SFTP or SSH over FTP HTTPs Always
Daniel Olson @emaildano Recovery, Scaling, Automation Does your host provide
this? Again, config as code Go JAMStack or Serverless
Daniel Olson @emaildano –JAMStack jamstack.org “Modern web development architecture based
on client-side JavaScript, reusable APIs, and prebuilt Markup.”
Daniel Olson @emaildano Go Serverless WordPress to Static
Daniel Olson @emaildano Go Serverless WordPress to Static Scale Verically
and Horizontally
None
Daniel Olson @emaildano WordPress Plugins
Daniel Olson @emaildano WordPress Plugins They are not a cure-all
Definitely still need them More != Better
Daniel Olson @emaildano WordPress Plugins Learn what they actually do
Can that apply to config as code?
Daniel Olson @emaildano Tinfoil File Permissions
Daniel Olson @emaildano Tinfoil File Permissions When in doubt, follow
the docs 777 Stackoverflow guy is not your friend
Daniel Olson @emaildano Hashing and MD5
Daniel Olson @emaildano – WordPress.org “MD5 is used by default
because it’s supported on all platforms”
Daniel Olson @emaildano Hashing and MD5 Try bcrypt, scrypt, SHA256
Daniel Olson @emaildano Thank you!
Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano
Daniel Olson @emaildano Alternative Hacks WordPress Security from the Outside
Looking In https://speakerdeck.com/emaildano
emaildano
literalice
nash_efp
sansan33
n11sh1
gotalab555
stanby_inc
yu4u
you
dak2
aeonpeople
mizushimac
moore
aleyda
bcantrill
baasie
bkeepers
jeffersonlam
mayatellez
rakko
shlominoach
jnunemaker
davidcarrasco
lauravandoore
