This weekend, I attended WordCamp London 2018 and talked about the process of securing web applications based on WordPress.
After organising it last year and delivering a talk about getting started with plugin development, this year I’ve been to WordCamp Torino 2018 to talk about the process of securing web applications based on WordPress.
In 2000, the internationally renowned security technologist Bruce Schneier wrote: “Security is a process, not a product”. In the same essay, he wondered: “Will we ever learn?”. Apparently not.
How many times have you considered your WordPress application’s security only once it was completed? How many times have you installed a security plugin and thought it was enough? Securing a web application doesn’t mean installing a plugin just before deployment. Not at all.
I’m very passionate about security and I’d like to share my thoughts with you. My focus will be the security awareness related to web applications. Is WordPress secure? I will answer this question very clearly. And you’re not gonna like it!
Last winter, I joined the team organising the WordCamp Torino 2017 as the lead for the website group. In this post, I’d like to write some tips and tricks for managing a WordCamp website, considering the challenges that we had to face.
Setting Up the Environment
The first thing to do when you start working on a WordCamp website is to set up a local environment. WordCamp.org is part of the WordPress Meta Environment. You can choose to install either the whole Meta project or just the WordCamp website.
Here you can find some useful resources:
- Setting Up a Local WordCamp.org Sandbox
- Local Development for WordCamp Websites
- How to Set Up the WordPress Meta Environment Using VVV
Exactly two years ago, at this same time, I was coming home from Milan after attending the first Italian WordPress Contributor Day. I didn’t know then what it would mean to me, but it was the beginning of something awesome.
I started using WordPress as a CMS in 2009, but it was only in 2015, in Milan, that I discovered the Community and the many opportunities to contribute to this successful open source project. Have a look at the Make area to read more about the different teams working on WordPress.
This morning I gave a talk about how to get started with WordPress Plugin Development at WordCamp Torino 2017.
Here you can find the video and the slides of my talk, enjoy 🙂
WordPress Plugins are powerful tools that let us extend WordPress and turn it into whatever we want. What’s their secret? Join me if you want to know more about them and get started developing your own Plugin! I’ll tell you a story about magic, dangerous pirates, brave bowmen and ancient castles…
49 472 WordPress Plugins are available in the official repository. That’s a huge number! And they are just the Plugins available on wordpress.org. There are many more. For example, think about vendors that sell their own Plugins on their platforms, or the thousands of Plugins uploaded to GitHub but never submitted to the official repository.
For many people Plugins are surrounded by mystery. It seems that WordPress provides us with a powerful magic wand to get anything we want. To turn WordPress into whatever we want.
What is a Plugin?
The shortest answer is a package of code. More specifically, a package of PHP code. That’s it.
The most straightforward Plugin is made up of a single PHP file. For example, Hello Dolly is a Plugin that you’ve probably never used, but you have seen it at least once, since it is delivered together with WordPress.
It’s important to understand how Plugins are related to WordPress itself. There are three major components: Core, Themes and Plugins. The Core is the application itself. Themes let you display data to users and choose the look and presentation of your website. Finally, we have Plugins.
Plugins are used to extend WordPress functionality or to add new features. At this point, you may ask why you shouldn’t modify the WordPress Core directly.
“It is a truth universally acknowledged, that each person in possession of a good website, must have used WordPress.”
That’s how our story begins, just like Jane Austen’s Pride and Prejudice. Join me on this journey through the World of WordPress! Get ready to explore commonplaces, face fearful stereotypes and rescue users in danger until the untold secret is unveiled…
The slides and video of my talk at WordPress Meetup Torino on Plugins in WordPress: what they are, why they are used and how to develop them.
The slides and video of my talk at WordPress Meetup Torino on Themes in WordPress: what they are, how to develop them, how to customise them.