February WordPress St. Louis Developers Meetup Notes

The second ever St. Louis WordPress developers meetup has come to a conclusion. Here are some notes that I took during the meetup.

Security Best Practices Discussion

Basics

  • Don’t use admin as your default username
  • Change the default table prefix to something unique
  • Consider moving your wp-config.php outside of your website root folder
  • In code, check user permissions before running actions or even displaying the page
  • Sanitize database inputs
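The last two points, shown together in one small admin plugin. This is an added example, not code shown at the meetup; the `stl_notes` table, the `stl_delete_note` action, the `stl-notes` page slug and the `stl_*` function names are hypothetical, and the nonce check is an extra step beyond the list above.

```php
<?php
/* Plugin Name: STL Notes Demo (hypothetical example plugin) */

add_action( 'admin_menu', function () {
    // The capability argument hides the menu entry from users who lack it.
    add_menu_page( 'Notes', 'Notes', 'manage_options', 'stl-notes', 'stl_render_notes_page' );
} );

function stl_render_notes_page() {
    // Check again before displaying the page; a hidden menu is not an access control.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'You are not allowed to view this page.', '', array( 'response' => 403 ) );
    }
    global $wpdb;
    $table  = $wpdb->prefix . 'stl_notes'; // follows the site's custom table prefix
    $search = isset( $_GET['s'] ) ? sanitize_text_field( wp_unslash( $_GET['s'] ) ) : '';

    // User input reaches SQL only through a prepare() placeholder.
    $rows = $wpdb->get_results(
        $wpdb->prepare(
            "SELECT id, title FROM {$table} WHERE title LIKE %s ORDER BY id DESC LIMIT 50",
            '%' . $wpdb->esc_like( $search ) . '%'
        )
    );
    echo '<div class="wrap"><h1>Notes</h1><ul>';
    foreach ( $rows as $row ) {
        echo '<li>' . esc_html( $row->title ) . '</li>'; // escape on output too
    }
    echo '</ul></div>';
}

add_action( 'admin_post_stl_delete_note', function () {
    // Permission check first, then the nonce, and only then the action itself.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'You are not allowed to delete notes.', '', array( 'response' => 403 ) );
    }
    check_admin_referer( 'stl_delete_note' ); // extra step: rejects forged requests

    global $wpdb;
    $id = isset( $_POST['note_id'] ) ? absint( $_POST['note_id'] ) : 0;
    if ( $id > 0 ) {
        // delete() builds the WHERE clause itself; %d forces an integer.
        $wpdb->delete( $wpdb->prefix . 'stl_notes', array( 'id' => $id ), array( '%d' ) );
    }
    wp_safe_redirect( admin_url( 'admin.php?page=stl-notes' ) );
    exit;
} );
```

The form that posts to `admin-post.php` needs a matching `wp_nonce_field( 'stl_delete_note' )` and a hidden `action` field set to `stl_delete_note`.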

Security Plugins to Check Out

Other Security-related Discussion

I can see this turning into a total flame war, but choosing another CMS because it isn’t used as much for added security. For example, choosing Drupal over WordPress since WordPress is targeted for attacks more because it is more widely used. Again, I’m not trying to start a flame war, just adding this to the list since someone mentioned it. Side note: this is totally how I feel about the Windows vs. Mac debate for security. Windows has more vulnerabilities because there are more people to harm by looking for vulnerabilities on Windows. You can affect a larger percentage of people by going with the big dog.

Group Project

We talked last month about possibly working on a group project together for the hell of it. Some ideas were thrown out for plugins:

  • Forums
  • Wiki
  • Project management system
  • Picking up an abandoned plugin
  • Writing blog content about WordPress development

March Meetup Topic

WordPress Database/Table Management Best Practices

Here is a list of the things I would like to see Paul and myself cover:

  • Dive into the WordPress tables and see what they actually hold
  • Talk about some of the functions available in $wpdb
  • Talk about integrating with the posts table
  • How to create your own database tables for your plugins.

2 Responses

  1. February 12, 2013

    […] This week at The St. Louis WordPress Developers Meetup we discussed tips and tricks on how to ensure your WordPress installations are as secure as possible. I’ve collected my notes below. For further reading, check out Eric Juden’s (one of our ringleaders) notes as well. […]