Upgrade to Pro — share decks privately, control downloads, hide ads and more …

WordCamp for Publishers 2017

emaildano
August 18, 2017
Technology
2
580

WordCamp for Publishers 2017

emaildano

August 18, 2017
Tweet

More Decks by emaildano

See All by emaildano
Shifter オンラインミートアップ ザ・ホワイトベルト!
emaildano
0
750
Lift and Shift WordPress to the Jamstack
emaildano
1
130
Crash Course on
Static WordPress in ~5 minutes (or less)
emaildano
0
66
Developing with WordPress, the JAMstack way
emaildano
2
1.6k
3 things I believe in and why I joined DigitalCube
emaildano
0
3.5k
The Future is SaaS
emaildano
0
82
Let's Build a Better WordPress @ WordCamp NYC 2018
emaildano
0
110
On Demand Dev with Docker + WordPress @ WordCamp Europe 2018
emaildano
0
620
Serverless PHL - March 2018
emaildano
0
380

Other Decks in Technology

See All in Technology
AWS CodePipelineでコンテナアプリをデプロイした際に、古いイメージを自動で削除する
smt7174
1
100
APIテスト自動化の勘所
yokawasa
7
4.2k
Aurora_BlueGreenDeploymentsやってみた
tsukasa_ishimaru
1
130
WINTICKETアプリで実現した高可用性と高速リリースを支えるエコシステム / winticket-eco-system
cyberagentdevelopers
PRO
1
190
新卒1年目が挑む!生成AI × マルチエージェントで実現する次世代オンボーディング / operation-ai-onboarding
cyberagentdevelopers
PRO
1
170
Vueで Webコンポーネントを作って Reactで使う / 20241030-cloudsign-vuefes_after_night
bengo4com
4
2.5k
新卒1年目が向き合う生成AI事業の開発を加速させる技術選定 / ai-web-launcher
cyberagentdevelopers
PRO
7
1.5k
Fargateを使った研修の話
takesection
0
120
【若手エンジニア応援LT会】AWS Security Hubの活用に苦労した話
kazushi_ohata
0
170
リンクアンドモチベーション ソフトウェアエンジニア向け紹介資料 / Introduction to Link and Motivation for Software Engineers
lmi
4
290k
「 SharePoint 難しい」ってよく聞くけど、そんなに言うなら8歳の息子に試してもらった
taichinakamura
1
630
いまさらのStorybook
ikumatadokoro
0
150

Featured

See All Featured
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
9
680
Understanding Cognitive Biases in Performance Measurement
bluesmoon
26
1.4k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
14
1.9k
The Cult of Friendly URLs
andyhume
78
6k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
504
140k
Why Our Code Smells
bkeepers
PRO
334
57k
10 Git Anti Patterns You Should be Aware of
lemiorhan
654
59k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
107
49k
Learning to Love Humans: Emotional Interface Design
aarron
272
40k
4 Signs Your Business is Dying
shpigford
180
21k
KATA
mclloyd
29
13k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
37
1.8k

Transcript

  1. Daniel Olson @emaildano

  2. Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano

  3. Daniel Olson @emaildano Daniel Olson I develop WordPress SaaS
 products

    on AWS

  4. Daniel Olson @emaildano Alternative Hacks WordPress Security from
 the Outside

    Looking In

  5. Daniel Olson @emaildano Why Care? About WordPress Security

  6. Daniel Olson @emaildano Client Responsibility Why Care?

  7. Daniel Olson @emaildano User Responsibility Why Care?

  8. Daniel Olson @emaildano Personal Responsibility Why Care?

  9. Daniel Olson @emaildano Sh*t Happens Learn from your mistakes

  10. Daniel Olson @emaildano Old Habits
 Die Hard

  11. Daniel Olson @emaildano Secure Secure

  12. Daniel Olson @emaildano Approach security as a design problem
 and

    less of a technical problem

  13. Daniel Olson @emaildano sourcemaking.com @sourcemaking

  14. Daniel Olson @emaildano Workflow

  15. Daniel Olson @emaildano Workflow Find that weak link and fix

    it

  16. Daniel Olson @emaildano Workflow Lobby for the right fix Not

    the quick fix

  17. Daniel Olson @emaildano Workflow Lobby for the right fix Not

    the quick fix (But compromise)

  18. Daniel Olson @emaildano AntiPattern
 - SourceMaking - “commonly occurring solution

    to a problem that generates decidedly negative consequences”

  19. Daniel Olson @emaildano Design Pattern
 - SourceMaking - “An approach

    to a solution to a commonly occurring problem that’s repeatable and
 is not a finished design”

  20. Daniel Olson @emaildano Workflow ⇣ AntiPattern ⇣ Design Pattern

  21. Daniel Olson @emaildano Workflow Versioning Release Candidates for
 Personal Micro

    Improvements
  22. None

  23. Daniel Olson @emaildano A Few Ideas

  24. Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design

    Pattern

  25. Daniel Olson @emaildano Disaster Plans Discuss them, early and often

  26. Daniel Olson @emaildano Disaster Plans Total Data Loss Client or

    Customer Data Hack Unexpected downtime

  27. Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design

    Pattern

  28. Daniel Olson @emaildano Disaster Plans No Plan Partial Backup File

    only no config No SLA

  29. Daniel Olson @emaildano No Plan?

  30. Daniel Olson @emaildano No Plan? Get one

  31. Daniel Olson @emaildano Partial Backups

  32. Daniel Olson @emaildano Partial Backups Backup efficiently, not aggressively

  33. Daniel Olson @emaildano – Someone “If your data is in

    one place, it’s no place.”

  34. Daniel Olson @emaildano Files only no config

  35. Daniel Olson @emaildano Files only no config 12 factor app

    principles

  36. Daniel Olson @emaildano The Twelve Factor App 12factor.net

  37. Daniel Olson @emaildano – III. Config — The 12 Factor

    App “Apps sometimes store config as constants in the code. This is a violation of twelve-factor, which requires strict separation of config from code. Config varies substantially across deploys, code does not.”

  38. Daniel Olson @emaildano No SLA

  39. Daniel Olson @emaildano No SLA Define who’s responsable for what

    Broad and Narrow

  40. Daniel Olson @emaildano Hosting Workflow – AntiPattern – Design Pattern

  41. Daniel Olson @emaildano Web Hosting Find the right fit

  42. Daniel Olson @emaildano Web Hosting Hammered with bot traffic Secure

    Connections Recovery, Scaling, Automation

  43. Daniel Olson @emaildano Bot Traffic Put your server to work

    and serve static 404s
 with NGINX, Apache, or .htaccess

  44. Daniel Olson @emaildano Secure Connections

  45. Daniel Olson @emaildano Secure Connections Limit IPs and ports Force

    SFTP or SSH over FTP HTTPs Always

  46. Daniel Olson @emaildano Recovery, Scaling, Automation Does your host provide

    this? Again, config as code Go JAMStack or Serverless

  47. Daniel Olson @emaildano –JAMStack
 jamstack.org “Modern web development architecture based

    on client-side JavaScript, reusable APIs, and prebuilt Markup.”

  48. Daniel Olson @emaildano Go Serverless WordPress to Static

  49. Daniel Olson @emaildano Go Serverless WordPress to Static Scale Verically

    and Horizontally
  50. None

  51. Daniel Olson @emaildano WordPress Plugins

  52. Daniel Olson @emaildano WordPress Plugins They are not a cure-all

    Definitely still need them More != Better

  53. Daniel Olson @emaildano WordPress Plugins Learn what they actually do

    Can that apply to config as code?

  54. Daniel Olson @emaildano Tinfoil File Permissions

  55. Daniel Olson @emaildano Tinfoil File Permissions When in doubt, follow

    the docs 777 Stackoverflow guy is
 not your friend

  56. Daniel Olson @emaildano Hashing and MD5

  57. Daniel Olson @emaildano – WordPress.org “MD5 is used by default

    because
 it’s supported on all platforms”

  58. Daniel Olson @emaildano Hashing and MD5 Try bcrypt, scrypt, SHA256

  59. Daniel Olson @emaildano Thank you!

  60. Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano

  61. Daniel Olson @emaildano Alternative Hacks WordPress Security from
 the Outside

    Looking In https://speakerdeck.com/emaildano