The second every St. Louis WordPress developers meetup has come to a conclusion. Here are some notes that I took during the meetup.
Security Best Practices Discussion
- Don’t use admin as your default username
- Change the default table prefix to something unique
- Consider moving your wp-config.php outside of your website root folder
- In code, check user permissions before running actions or even displaying the page
- Sanitize database inputs
- See $wpdb->prepare()
Security Plugins to Check Out
File Monitor Plus(No longer available) File Monitor(No longer available)
- Better WP Security
- Block Bad Queries
- Bulletproof Security
Other Security-related Discussion
I can see this turning into a total flame war, but choosing another cms because it isn’t used as much for added security. For example, choosing Drupal over WordPress since WordPress is targeted for attacks more because it is more widely used. Again, I’m not trying to start a flame war, just adding this to the list since someone mentioned it. Side note: this is totally how I feel about the Windows vs. Mac debate for security. Windows has more vulnerabilities because there are more people to harm by looking for vulnerabilities on Windows. You can affect a larger percentage of people by going with the big dog.
We talked last month about possibly working on a group project together for the hell of it. Some ideas were thrown out for plugins:
- Project management system
- Picking up an abandoned plugin
- Writing blog content about WordPress development
March Meetup Topic
WordPress Database/Table Management Best Practices
Here is a list of the things I would like to see Paul and myself cover:
- Dive into the WordPress tables and see what they actually hold
- Talk about some of the functions available in $wpdb
- Talk about integrating with the posts table
- How to create your own database tables for your plugins.
2 thoughts to “February WordPress St. Louis Developers Meetup Notes”
Comments are closed.