Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
WordCamp for Publishers 2017
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
emaildano
August 18, 2017
Technology
2
610
WordCamp for Publishers 2017
emaildano
August 18, 2017
Tweet
Share
More Decks by emaildano
See All by emaildano
Shifter オンラインミートアップ ザ・ホワイトベルト!
emaildano
0
890
Lift and Shift WordPress to the Jamstack
emaildano
1
160
Crash Course on Static WordPress in ~5 minutes (or less)
emaildano
0
79
Developing with WordPress, the JAMstack way
emaildano
2
2k
3 things I believe in and why I joined DigitalCube
emaildano
0
3.8k
The Future is SaaS
emaildano
0
97
Let's Build a Better WordPress @ WordCamp NYC 2018
emaildano
0
150
On Demand Dev with Docker + WordPress @ WordCamp Europe 2018
emaildano
0
710
Serverless PHL - March 2018
emaildano
0
400
Other Decks in Technology
See All in Technology
越境する組織づくり ─ 多様性を前提にしたチームビルディングとリードの実践知
kido_engineer
2
160
クラウド × シリコンの Mashup - AWS チップ開発で広がる AI 基盤の選択肢
htokoyo
2
140
オレ達はAWS管理をやりたいんじゃない!開発の生産性を爆アゲしたいんだ!!
wkm2
4
450
[AEON TECH HUB #24] お客様の長期的興味の理解に向けて
alpicola
0
130
Oracle Database@Azure:サービス概要のご紹介
oracle4engineer
PRO
4
1.1k
メタデータ同期に潜んでいた問題 〜 Cache Stampede 時の Cycle Wait を⾒つけた話
lycorptech_jp
PRO
0
150
マルチプレーンGPUネットワークを実現するシャッフルアーキテクチャの整理と考察
markunet
2
210
AWSをCLIで理解したい! / I want to understand AWS using the CLI
mel_27
2
260
Claude Code Skills 勉強会 (DevelersIO向けに調整済み) / claude code skills for devio
masahirokawahara
0
2.1k
プロジェクトマネジメントをチームに宿す -ゼロからはじめるチームプロジェクトマネジメントは活動1年未満のチームの教科書です- / 20260304 Shigeki Morizane
shift_evolve
PRO
1
150
マネージャー版 "提案のレベル" を上げる
konifar
21
14k
型を書かないRuby開発への挑戦
riseshia
0
210
Featured
See All Featured
Six Lessons from altMBA
skipperchong
29
4.2k
職位にかかわらず全員がリーダーシップを発揮するチーム作り / Building a team where everyone can demonstrate leadership regardless of position
madoxten
61
52k
Raft: Consensus for Rubyists
vanstee
141
7.3k
Darren the Foodie - Storyboard
khoart
PRO
3
2.8k
Believing is Seeing
oripsolob
1
77
Efficient Content Optimization with Google Search Console & Apps Script
katarinadahlin
PRO
1
390
Designing for Timeless Needs
cassininazir
0
150
Utilizing Notion as your number one productivity tool
mfonobong
4
250
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
31
10k
Leading Effective Engineering Teams in the AI Era
addyosmani
9
1.7k
Building an army of robots
kneath
306
46k
The Illustrated Children's Guide to Kubernetes
chrisshort
51
52k
Transcript
Daniel Olson @emaildano
Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano
Daniel Olson @emaildano Daniel Olson I develop WordPress SaaS products
on AWS
Daniel Olson @emaildano Alternative Hacks WordPress Security from the Outside
Looking In
Daniel Olson @emaildano Why Care? About WordPress Security
Daniel Olson @emaildano Client Responsibility Why Care?
Daniel Olson @emaildano User Responsibility Why Care?
Daniel Olson @emaildano Personal Responsibility Why Care?
Daniel Olson @emaildano Sh*t Happens Learn from your mistakes
Daniel Olson @emaildano Old Habits Die Hard
Daniel Olson @emaildano Secure Secure
Daniel Olson @emaildano Approach security as a design problem and
less of a technical problem
Daniel Olson @emaildano sourcemaking.com @sourcemaking
Daniel Olson @emaildano Workflow
Daniel Olson @emaildano Workflow Find that weak link and fix
it
Daniel Olson @emaildano Workflow Lobby for the right fix Not
the quick fix
Daniel Olson @emaildano Workflow Lobby for the right fix Not
the quick fix (But compromise)
Daniel Olson @emaildano AntiPattern - SourceMaking - “commonly occurring solution
to a problem that generates decidedly negative consequences”
Daniel Olson @emaildano Design Pattern - SourceMaking - “An approach
to a solution to a commonly occurring problem that’s repeatable and is not a finished design”
Daniel Olson @emaildano Workflow ⇣ AntiPattern ⇣ Design Pattern
Daniel Olson @emaildano Workflow Versioning Release Candidates for Personal Micro
Improvements
None
Daniel Olson @emaildano A Few Ideas
Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design
Pattern
Daniel Olson @emaildano Disaster Plans Discuss them, early and often
Daniel Olson @emaildano Disaster Plans Total Data Loss Client or
Customer Data Hack Unexpected downtime
Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design
Pattern
Daniel Olson @emaildano Disaster Plans No Plan Partial Backup File
only no config No SLA
Daniel Olson @emaildano No Plan?
Daniel Olson @emaildano No Plan? Get one
Daniel Olson @emaildano Partial Backups
Daniel Olson @emaildano Partial Backups Backup efficiently, not aggressively
Daniel Olson @emaildano – Someone “If your data is in
one place, it’s no place.”
Daniel Olson @emaildano Files only no config
Daniel Olson @emaildano Files only no config 12 factor app
principles
Daniel Olson @emaildano The Twelve Factor App 12factor.net
Daniel Olson @emaildano – III. Config — The 12 Factor
App “Apps sometimes store config as constants in the code. This is a violation of twelve-factor, which requires strict separation of config from code. Config varies substantially across deploys, code does not.”
Daniel Olson @emaildano No SLA
Daniel Olson @emaildano No SLA Define who’s responsable for what
Broad and Narrow
Daniel Olson @emaildano Hosting Workflow – AntiPattern – Design Pattern
Daniel Olson @emaildano Web Hosting Find the right fit
Daniel Olson @emaildano Web Hosting Hammered with bot traffic Secure
Connections Recovery, Scaling, Automation
Daniel Olson @emaildano Bot Traffic Put your server to work
and serve static 404s with NGINX, Apache, or .htaccess
Daniel Olson @emaildano Secure Connections
Daniel Olson @emaildano Secure Connections Limit IPs and ports Force
SFTP or SSH over FTP HTTPs Always
Daniel Olson @emaildano Recovery, Scaling, Automation Does your host provide
this? Again, config as code Go JAMStack or Serverless
Daniel Olson @emaildano –JAMStack jamstack.org “Modern web development architecture based
on client-side JavaScript, reusable APIs, and prebuilt Markup.”
Daniel Olson @emaildano Go Serverless WordPress to Static
Daniel Olson @emaildano Go Serverless WordPress to Static Scale Verically
and Horizontally
None
Daniel Olson @emaildano WordPress Plugins
Daniel Olson @emaildano WordPress Plugins They are not a cure-all
Definitely still need them More != Better
Daniel Olson @emaildano WordPress Plugins Learn what they actually do
Can that apply to config as code?
Daniel Olson @emaildano Tinfoil File Permissions
Daniel Olson @emaildano Tinfoil File Permissions When in doubt, follow
the docs 777 Stackoverflow guy is not your friend
Daniel Olson @emaildano Hashing and MD5
Daniel Olson @emaildano – WordPress.org “MD5 is used by default
because it’s supported on all platforms”
Daniel Olson @emaildano Hashing and MD5 Try bcrypt, scrypt, SHA256
Daniel Olson @emaildano Thank you!
Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano
Daniel Olson @emaildano Alternative Hacks WordPress Security from the Outside
Looking In https://speakerdeck.com/emaildano
SiteGround - Reliable hosting with speed, security, and support you can count on.
emaildano
kido_engineer
htokoyo
wkm2
alpicola
oracle4engineer
lycorptech_jp
markunet
mel_27
masahirokawahara
shift_evolve
konifar
riseshia
skipperchong
madoxten
vanstee
khoart
oripsolob
katarinadahlin
cassininazir
mfonobong
eileencodes
addyosmani
kneath
chrisshort
