State of WordPress Security: Today and beyond by Shivam Singh

Shivam Singh

Shivam is a Senior Software Engineer with BlogVault. He spends most of his time glued to a computer writing codes directly/indirectly related to WordPress.

He has been using WordPress for 7 years now, and has authored popular plugins and a private theme. One of the core organizers of Bengaluru WordPress Community, he adores the idea of a strong community and never misses an opportunity to contribute. His contributions include – writing for the WordPress Handbook, blogging his experiences, and contributing questions/answers on StackOverflow. Helping people at Happiness Bars is his favourite WordCamp thing.

At BlogVault he has had the opportunity to lead a number of development projects which have further helped shape his understanding of WordPress. Inspired by the ‘State of the Word 2015’, he spent the better part for his last year learning and creating web applications on ReactJS.

When not online, Shivam may be found riding his bike, hiking and photographing a new trail or sleeping.

Insights on Shivam’s talk: “State of WordPress Security: Today and beyond”

WordPress is huge. One of the greatest things about WordPress is that it’s open source; which also means that it is really well understood. WordPress powers more than 25% of the web and it’s steadily moving towards the 30% mark. Thousands of third-party plugins and themes are available. All these points that make WordPress great, also make WordPress extremely vulnerable to hacking. Also, the scale and complexity of WordPress provides for a large attack surface.

The WordPress team is invested in maintaining the integrity of the application, and all core related security issues are quickly addressed. However the same cannot be said for thousands of plugins/themes out there which makes WordPress vulnerable.

Being in the backup business, Shivam and his team have spent a lot of time helping customers restore and clean their hacked sites. All this experience and learning was later translated into code that empowers their new product.

Shivam will be sharing some important takeaways from this experience in his talk.

  • Why will anyone hack you?
  • What are the common hacks?
  • How to prevent one’s sites against them?
  • Analyzing security related data collected from over 100K WordPress sites.

The talk will discuss what these data mean to the WordPress ecosystem in current times and what can it lead to in the future.