Upgrade to Pro — share decks privately, control downloads, hide ads and more …

WordCamp for Publishers 2017

emaildano
August 18, 2017
Technology
2
590

WordCamp for Publishers 2017

emaildano

August 18, 2017
Tweet

More Decks by emaildano

See All by emaildano
Shifter オンラインミートアップ ザ・ホワイトベルト!
emaildano
0
760
Lift and Shift WordPress to the Jamstack
emaildano
1
130
Crash Course on
Static WordPress in ~5 minutes (or less)
emaildano
0
67
Developing with WordPress, the JAMstack way
emaildano
2
1.7k
3 things I believe in and why I joined DigitalCube
emaildano
0
3.5k
The Future is SaaS
emaildano
0
82
Let's Build a Better WordPress @ WordCamp NYC 2018
emaildano
0
110
On Demand Dev with Docker + WordPress @ WordCamp Europe 2018
emaildano
0
630
Serverless PHL - March 2018
emaildano
0
380

Other Decks in Technology

See All in Technology
私なりのAIのご紹介 [2024年版]
qt_luigi
1
120
10分で学ぶKubernetesコンテナセキュリティ/10min-k8s-container-sec
mochizuki875
3
360
フロントエンド設計にモブ設計を導入してみた / 20241212_cloudsign_TechFrontMeetup
bengo4com
0
1.9k
Oracle Cloud Infrastructure:2024年12月度サービス・アップデート
oracle4engineer
PRO
0
210
2024年にチャレンジしたことを振り返るぞ
mitchan
0
140
[Ruby] Develop a Morse Code Learning Gem & Beep from Strings
oguressive
1
170
コンテナセキュリティのためのLandlock入門
nullpo_head
2
320
第3回Snowflake女子会_LT登壇資料(合成データ)_Taro_CCCMK
tarotaro0129
0
200
re:Invent をおうちで楽しんでみた ~CloudWatch のオブザーバビリティ機能がスゴい!/ Enjoyed AWS re:Invent from Home and CloudWatch Observability Feature is Amazing!
yuj1osm
0
130
普通のエンジニアがLaravelコアチームメンバーになるまで
avosalmon
0
110
統計データで2024年の クラウド・インフラ動向を眺める
ysknsid25
2
850
PHPerのための計算量入門/Complexity101 for PHPer
hanhan1978
5
210

Featured

See All Featured
Building Better People: How to give real-time feedback that sticks.
wjessup
365
19k
Unsuck your backbone
ammeep
669
57k
Mobile First: as difficult as doing things right
swwweet
222
9k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
10
810
The World Runs on Bad Software
bkeepers
PRO
65
11k
Agile that works and the tools we love
rasmusluckow
328
21k
Gamification - CAS2011
davidbonilla
80
5.1k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
45
2.2k
Optimising Largest Contentful Paint
csswizardry
33
3k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
48
2.2k
Visualization
eitanlees
146
15k
We Have a Design System, Now What?
morganepeng
51
7.3k

Transcript

  1. Daniel Olson @emaildano

  2. Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano

  3. Daniel Olson @emaildano Daniel Olson I develop WordPress SaaS
 products

    on AWS

  4. Daniel Olson @emaildano Alternative Hacks WordPress Security from
 the Outside

    Looking In

  5. Daniel Olson @emaildano Why Care? About WordPress Security

  6. Daniel Olson @emaildano Client Responsibility Why Care?

  7. Daniel Olson @emaildano User Responsibility Why Care?

  8. Daniel Olson @emaildano Personal Responsibility Why Care?

  9. Daniel Olson @emaildano Sh*t Happens Learn from your mistakes

  10. Daniel Olson @emaildano Old Habits
 Die Hard

  11. Daniel Olson @emaildano Secure Secure

  12. Daniel Olson @emaildano Approach security as a design problem
 and

    less of a technical problem

  13. Daniel Olson @emaildano sourcemaking.com @sourcemaking

  14. Daniel Olson @emaildano Workflow

  15. Daniel Olson @emaildano Workflow Find that weak link and fix

    it

  16. Daniel Olson @emaildano Workflow Lobby for the right fix Not

    the quick fix

  17. Daniel Olson @emaildano Workflow Lobby for the right fix Not

    the quick fix (But compromise)

  18. Daniel Olson @emaildano AntiPattern
 - SourceMaking - “commonly occurring solution

    to a problem that generates decidedly negative consequences”

  19. Daniel Olson @emaildano Design Pattern
 - SourceMaking - “An approach

    to a solution to a commonly occurring problem that’s repeatable and
 is not a finished design”

  20. Daniel Olson @emaildano Workflow ⇣ AntiPattern ⇣ Design Pattern

  21. Daniel Olson @emaildano Workflow Versioning Release Candidates for
 Personal Micro

    Improvements
  22. None

  23. Daniel Olson @emaildano A Few Ideas

  24. Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design

    Pattern

  25. Daniel Olson @emaildano Disaster Plans Discuss them, early and often

  26. Daniel Olson @emaildano Disaster Plans Total Data Loss Client or

    Customer Data Hack Unexpected downtime

  27. Daniel Olson @emaildano Disaster Plans Workflow – AntiPattern – Design

    Pattern

  28. Daniel Olson @emaildano Disaster Plans No Plan Partial Backup File

    only no config No SLA

  29. Daniel Olson @emaildano No Plan?

  30. Daniel Olson @emaildano No Plan? Get one

  31. Daniel Olson @emaildano Partial Backups

  32. Daniel Olson @emaildano Partial Backups Backup efficiently, not aggressively

  33. Daniel Olson @emaildano – Someone “If your data is in

    one place, it’s no place.”

  34. Daniel Olson @emaildano Files only no config

  35. Daniel Olson @emaildano Files only no config 12 factor app

    principles

  36. Daniel Olson @emaildano The Twelve Factor App 12factor.net

  37. Daniel Olson @emaildano – III. Config — The 12 Factor

    App “Apps sometimes store config as constants in the code. This is a violation of twelve-factor, which requires strict separation of config from code. Config varies substantially across deploys, code does not.”

  38. Daniel Olson @emaildano No SLA

  39. Daniel Olson @emaildano No SLA Define who’s responsable for what

    Broad and Narrow

  40. Daniel Olson @emaildano Hosting Workflow – AntiPattern – Design Pattern

  41. Daniel Olson @emaildano Web Hosting Find the right fit

  42. Daniel Olson @emaildano Web Hosting Hammered with bot traffic Secure

    Connections Recovery, Scaling, Automation

  43. Daniel Olson @emaildano Bot Traffic Put your server to work

    and serve static 404s
 with NGINX, Apache, or .htaccess

  44. Daniel Olson @emaildano Secure Connections

  45. Daniel Olson @emaildano Secure Connections Limit IPs and ports Force

    SFTP or SSH over FTP HTTPs Always

  46. Daniel Olson @emaildano Recovery, Scaling, Automation Does your host provide

    this? Again, config as code Go JAMStack or Serverless

  47. Daniel Olson @emaildano –JAMStack
 jamstack.org “Modern web development architecture based

    on client-side JavaScript, reusable APIs, and prebuilt Markup.”

  48. Daniel Olson @emaildano Go Serverless WordPress to Static

  49. Daniel Olson @emaildano Go Serverless WordPress to Static Scale Verically

    and Horizontally
  50. None

  51. Daniel Olson @emaildano WordPress Plugins

  52. Daniel Olson @emaildano WordPress Plugins They are not a cure-all

    Definitely still need them More != Better

  53. Daniel Olson @emaildano WordPress Plugins Learn what they actually do

    Can that apply to config as code?

  54. Daniel Olson @emaildano Tinfoil File Permissions

  55. Daniel Olson @emaildano Tinfoil File Permissions When in doubt, follow

    the docs 777 Stackoverflow guy is
 not your friend

  56. Daniel Olson @emaildano Hashing and MD5

  57. Daniel Olson @emaildano – WordPress.org “MD5 is used by default

    because
 it’s supported on all platforms”

  58. Daniel Olson @emaildano Hashing and MD5 Try bcrypt, scrypt, SHA256

  59. Daniel Olson @emaildano Thank you!

  60. Daniel Olson @emaildano Daniel Olson COO, DigitalCube @emaildano

  61. Daniel Olson @emaildano Alternative Hacks WordPress Security from
 the Outside

    Looking In https://speakerdeck.com/emaildano