Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
WordCamp for Publishers 2017
Search
emaildano
August 18, 2017
Technology
2
600
WordCamp for Publishers 2017
emaildano
August 18, 2017
Tweet
Share
More Decks by emaildano
See All by emaildano
Shifter オンラインミートアップ ザ・ホワイトベルト!
emaildano
0
840
Lift and Shift WordPress to the Jamstack
emaildano
1
150
Crash Course on Static WordPress in ~5 minutes (or less)
emaildano
0
74
Developing with WordPress, the JAMstack way
emaildano
2
1.9k
3 things I believe in and why I joined DigitalCube
emaildano
0
3.7k
The Future is SaaS
emaildano
0
89
Let's Build a Better WordPress @ WordCamp NYC 2018
emaildano
0
140
On Demand Dev with Docker + WordPress @ WordCamp Europe 2018
emaildano
0
680
Serverless PHL - March 2018
emaildano
0
390
Other Decks in Technology
See All in Technology
多野優介
tanoyusuke
1
460
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
9.1k
AI時代だからこそ考える、僕らが本当につくりたいスクラムチーム / A Scrum Team we really want to create in this AI era
takaking22
6
3.6k
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
5.5k
空間を設計する力を考える / 20251004 Naoki Takahashi
shift_evolve
PRO
3
400
AWSにおけるTrend Vision Oneの効果について
shimak
0
130
Function calling機能をPLaMo2に実装するには / PFN LLMセミナー
pfn
PRO
0
960
神回のメカニズムと再現方法/Mechanisms and Playbook for Kamikai scrumat2025
moriyuya
4
590
実装で解き明かす並行処理の歴史
zozotech
PRO
1
530
AI ReadyなData PlatformとしてのAutonomous Databaseアップデート
oracle4engineer
PRO
0
210
業務自動化プラットフォーム Google Agentspace に入門してみる #devio2025
maroon1st
0
200
「Verify with Wallet API」を アプリに導入するために
hinakko
1
250
Featured
See All Featured
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
Side Projects
sachag
455
43k
Building Applications with DynamoDB
mza
96
6.6k
Designing for humans not robots
tammielis
254
26k
The Pragmatic Product Professional
lauravandoore
36
6.9k
How STYLIGHT went responsive
nonsquared
100
5.8k
Designing Experiences People Love
moore
142
24k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
960
Large-scale JavaScript Application Architecture
addyosmani
514
110k
The Art of Programming - Codeland 2020
erikaheidi
56
14k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
45
2.5k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
15k
Transcript
Daniel Olson @emaildano
Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano
Daniel Olson @emaildano Daniel Olson I develop WordPress SaaS products
on AWS
Daniel Olson @emaildano Alternative Hacks WordPress Security from the Outside
Looking In
Daniel Olson @emaildano Why Care? About WordPress Security
Daniel Olson @emaildano Client Responsibility Why Care?
Daniel Olson @emaildano User Responsibility Why Care?
Daniel Olson @emaildano Personal Responsibility Why Care?
Daniel Olson @emaildano Sh*t Happens Learn from your mistakes
Daniel Olson @emaildano Old Habits Die Hard
Daniel Olson @emaildano Secure Secure
Daniel Olson @emaildano Approach security as a design problem and
less of a technical problem
Daniel Olson @emaildano sourcemaking.com @sourcemaking
Daniel Olson @emaildano Workflow
Daniel Olson @emaildano Workflow Find that weak link and fix
it
Daniel Olson @emaildano Workflow Lobby for the right fix Not
the quick fix
Daniel Olson @emaildano Workflow Lobby for the right fix Not
the quick fix (But compromise)
Daniel Olson @emaildano AntiPattern - SourceMaking - “commonly occurring solution
to a problem that generates decidedly negative consequences”
Daniel Olson @emaildano Design Pattern - SourceMaking - “An approach
to a solution to a commonly occurring problem that’s repeatable and is not a finished design”
Daniel Olson @emaildano Workflow ⇣ AntiPattern ⇣ Design Pattern
Daniel Olson @emaildano Workflow Versioning Release Candidates for Personal Micro
Improvements
None
Daniel Olson @emaildano A Few Ideas
Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design
Pattern
Daniel Olson @emaildano Disaster Plans Discuss them, early and often
Daniel Olson @emaildano Disaster Plans Total Data Loss Client or
Customer Data Hack Unexpected downtime
Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design
Pattern
Daniel Olson @emaildano Disaster Plans No Plan Partial Backup File
only no config No SLA
Daniel Olson @emaildano No Plan?
Daniel Olson @emaildano No Plan? Get one
Daniel Olson @emaildano Partial Backups
Daniel Olson @emaildano Partial Backups Backup efficiently, not aggressively
Daniel Olson @emaildano – Someone “If your data is in
one place, it’s no place.”
Daniel Olson @emaildano Files only no config
Daniel Olson @emaildano Files only no config 12 factor app
principles
Daniel Olson @emaildano The Twelve Factor App 12factor.net
Daniel Olson @emaildano – III. Config — The 12 Factor
App “Apps sometimes store config as constants in the code. This is a violation of twelve-factor, which requires strict separation of config from code. Config varies substantially across deploys, code does not.”
Daniel Olson @emaildano No SLA
Daniel Olson @emaildano No SLA Define who’s responsable for what
Broad and Narrow
Daniel Olson @emaildano Hosting Workflow – AntiPattern – Design Pattern
Daniel Olson @emaildano Web Hosting Find the right fit
Daniel Olson @emaildano Web Hosting Hammered with bot traffic Secure
Connections Recovery, Scaling, Automation
Daniel Olson @emaildano Bot Traffic Put your server to work
and serve static 404s with NGINX, Apache, or .htaccess
Daniel Olson @emaildano Secure Connections
Daniel Olson @emaildano Secure Connections Limit IPs and ports Force
SFTP or SSH over FTP HTTPs Always
Daniel Olson @emaildano Recovery, Scaling, Automation Does your host provide
this? Again, config as code Go JAMStack or Serverless
Daniel Olson @emaildano –JAMStack jamstack.org “Modern web development architecture based
on client-side JavaScript, reusable APIs, and prebuilt Markup.”
Daniel Olson @emaildano Go Serverless WordPress to Static
Daniel Olson @emaildano Go Serverless WordPress to Static Scale Verically
and Horizontally
None
Daniel Olson @emaildano WordPress Plugins
Daniel Olson @emaildano WordPress Plugins They are not a cure-all
Definitely still need them More != Better
Daniel Olson @emaildano WordPress Plugins Learn what they actually do
Can that apply to config as code?
Daniel Olson @emaildano Tinfoil File Permissions
Daniel Olson @emaildano Tinfoil File Permissions When in doubt, follow
the docs 777 Stackoverflow guy is not your friend
Daniel Olson @emaildano Hashing and MD5
Daniel Olson @emaildano – WordPress.org “MD5 is used by default
because it’s supported on all platforms”
Daniel Olson @emaildano Hashing and MD5 Try bcrypt, scrypt, SHA256
Daniel Olson @emaildano Thank you!
Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano
Daniel Olson @emaildano Alternative Hacks WordPress Security from the Outside
Looking In https://speakerdeck.com/emaildano