Upgrade to Pro — share decks privately, control downloads, hide ads and more …

WordCamp for Publishers 2017

emaildano
August 18, 2017
Technology
2
590

WordCamp for Publishers 2017

emaildano

August 18, 2017
Tweet

More Decks by emaildano

See All by emaildano
Shifter オンラインミートアップ ザ・ホワイトベルト!
emaildano
0
770
Lift and Shift WordPress to the Jamstack
emaildano
1
130
Crash Course on
Static WordPress in ~5 minutes (or less)
emaildano
0
67
Developing with WordPress, the JAMstack way
emaildano
2
1.7k
3 things I believe in and why I joined DigitalCube
emaildano
0
3.5k
The Future is SaaS
emaildano
0
82
Let's Build a Better WordPress @ WordCamp NYC 2018
emaildano
0
120
On Demand Dev with Docker + WordPress @ WordCamp Europe 2018
emaildano
0
640
Serverless PHL - March 2018
emaildano
0
380

Other Decks in Technology

See All in Technology
PaaSの歴史と、 アプリケーションプラットフォームのこれから
jacopen
7
1.5k
シフトライトなテスト活動を適切に行うことで、無理な開発をせず、過剰にテストせず、顧客をビックリさせないプロダクトを作り上げているお話 #RSGT2025 / Shift Right
nihonbuson
3
2.1k
2025年のARグラスの潮流
kotauchisunsun
0
790
【JAWS-UG大阪 reInvent reCap LT大会 サンバが始まったら強制終了】“1分”で初めてのソロ参戦reInventを数字で振り返りながら反省する
ttelltte
0
140
Amazon Q Developerで.NET Frameworkプロジェクトをモダナイズしてみた
kenichirokimura
1
200
My small contributions - Fujiwara Tech Conference 2025
ijin
0
1.4k
CDKのコードレビューを楽にするパッケージcdk-mentorを作ってみた/cdk-mentor
tomoki10
0
210
なぜfreeeはハブ・アンド・スポーク型の データメッシュアーキテクチャにチャレンジするのか?
shinichiro_joya
2
480
【Oracle Cloud ウェビナー】2025年のセキュリティ脅威を読み解く:リスクに備えるためのレジリエンスとデータ保護
oracle4engineer
PRO
1
100
Bring Your Own Container: When Containers Turn the Key to EDR Bypass/byoc-avtokyo2024
tkmru
0
860
ABWGのRe:Cap!
hm5ug
1
120
メールヘッダーを見てみよう
hinono
0
110

Featured

See All Featured
Visualization
eitanlees
146
15k
StorybookのUI Testing Handbookを読んだ
zakiyama
28
5.4k
4 Signs Your Business is Dying
shpigford
182
22k
A designer walks into a library…
pauljervisheath
205
24k
Keith and Marios Guide to Fast Websites
keithpitt
410
22k
The Art of Programming - Codeland 2020
erikaheidi
53
13k
Scaling GitHub
holman
459
140k
Making the Leap to Tech Lead
cromwellryan
133
9k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
No one is an island. Learnings from fostering a developers community.
thoeni
19
3.1k
Typedesign – Prime Four
hannesfritz
40
2.5k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
28
4.5k

Transcript

  1. Daniel Olson @emaildano

  2. Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano

  3. Daniel Olson @emaildano Daniel Olson I develop WordPress SaaS
 products

    on AWS

  4. Daniel Olson @emaildano Alternative Hacks WordPress Security from
 the Outside

    Looking In

  5. Daniel Olson @emaildano Why Care? About WordPress Security

  6. Daniel Olson @emaildano Client Responsibility Why Care?

  7. Daniel Olson @emaildano User Responsibility Why Care?

  8. Daniel Olson @emaildano Personal Responsibility Why Care?

  9. Daniel Olson @emaildano Sh*t Happens Learn from your mistakes

  10. Daniel Olson @emaildano Old Habits
 Die Hard

  11. Daniel Olson @emaildano Secure Secure

  12. Daniel Olson @emaildano Approach security as a design problem
 and

    less of a technical problem

  13. Daniel Olson @emaildano sourcemaking.com @sourcemaking

  14. Daniel Olson @emaildano Workflow

  15. Daniel Olson @emaildano Workflow Find that weak link and fix

    it

  16. Daniel Olson @emaildano Workflow Lobby for the right fix Not

    the quick fix

  17. Daniel Olson @emaildano Workflow Lobby for the right fix Not

    the quick fix (But compromise)

  18. Daniel Olson @emaildano AntiPattern
 - SourceMaking - “commonly occurring solution

    to a problem that generates decidedly negative consequences”

  19. Daniel Olson @emaildano Design Pattern
 - SourceMaking - “An approach

    to a solution to a commonly occurring problem that’s repeatable and
 is not a finished design”

  20. Daniel Olson @emaildano Workflow ⇣ AntiPattern ⇣ Design Pattern

  21. Daniel Olson @emaildano Workflow Versioning Release Candidates for
 Personal Micro

    Improvements
  22. None

  23. Daniel Olson @emaildano A Few Ideas

  24. Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design

    Pattern

  25. Daniel Olson @emaildano Disaster Plans Discuss them, early and often

  26. Daniel Olson @emaildano Disaster Plans Total Data Loss Client or

    Customer Data Hack Unexpected downtime

  27. Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design

    Pattern

  28. Daniel Olson @emaildano Disaster Plans No Plan Partial Backup File

    only no config No SLA

  29. Daniel Olson @emaildano No Plan?

  30. Daniel Olson @emaildano No Plan? Get one

  31. Daniel Olson @emaildano Partial Backups

  32. Daniel Olson @emaildano Partial Backups Backup efficiently, not aggressively

  33. Daniel Olson @emaildano – Someone “If your data is in

    one place, it’s no place.”

  34. Daniel Olson @emaildano Files only no config

  35. Daniel Olson @emaildano Files only no config 12 factor app

    principles

  36. Daniel Olson @emaildano The Twelve Factor App 12factor.net

  37. Daniel Olson @emaildano – III. Config — The 12 Factor

    App “Apps sometimes store config as constants in the code. This is a violation of twelve-factor, which requires strict separation of config from code. Config varies substantially across deploys, code does not.”

  38. Daniel Olson @emaildano No SLA

  39. Daniel Olson @emaildano No SLA Define who’s responsable for what

    Broad and Narrow

  40. Daniel Olson @emaildano Hosting Workflow – AntiPattern – Design Pattern

  41. Daniel Olson @emaildano Web Hosting Find the right fit

  42. Daniel Olson @emaildano Web Hosting Hammered with bot traffic Secure

    Connections Recovery, Scaling, Automation

  43. Daniel Olson @emaildano Bot Traffic Put your server to work

    and serve static 404s
 with NGINX, Apache, or .htaccess

  44. Daniel Olson @emaildano Secure Connections

  45. Daniel Olson @emaildano Secure Connections Limit IPs and ports Force

    SFTP or SSH over FTP HTTPs Always

  46. Daniel Olson @emaildano Recovery, Scaling, Automation Does your host provide

    this? Again, config as code Go JAMStack or Serverless

  47. Daniel Olson @emaildano –JAMStack
 jamstack.org “Modern web development architecture based

    on client-side JavaScript, reusable APIs, and prebuilt Markup.”

  48. Daniel Olson @emaildano Go Serverless WordPress to Static

  49. Daniel Olson @emaildano Go Serverless WordPress to Static Scale Verically

    and Horizontally
  50. None

  51. Daniel Olson @emaildano WordPress Plugins

  52. Daniel Olson @emaildano WordPress Plugins They are not a cure-all

    Definitely still need them More != Better

  53. Daniel Olson @emaildano WordPress Plugins Learn what they actually do

    Can that apply to config as code?

  54. Daniel Olson @emaildano Tinfoil File Permissions

  55. Daniel Olson @emaildano Tinfoil File Permissions When in doubt, follow

    the docs 777 Stackoverflow guy is
 not your friend

  56. Daniel Olson @emaildano Hashing and MD5

  57. Daniel Olson @emaildano – WordPress.org “MD5 is used by default

    because
 it’s supported on all platforms”

  58. Daniel Olson @emaildano Hashing and MD5 Try bcrypt, scrypt, SHA256

  59. Daniel Olson @emaildano Thank you!

  60. Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano

  61. Daniel Olson @emaildano Alternative Hacks WordPress Security from
 the Outside

    Looking In https://speakerdeck.com/emaildano