Scott brought up a bunch of attacks on his site, mainly the dreaded DDoS/brute force stuff. Scott presented on security plugins, including:
- “better wp security” has a “hide backend option” that will hide the wp-admin, redirecting the user to a 404. Make sure your .htaccess file is writeable!
- looked at sucuri scanner
- wordfence
- You should change the admin username from “admin”. Scott showed how to do this with phpmyadmin.
- Don’t use wp_ as the table prefix.
Scott looked at woocommerce as an ecommerce plugins; using it for user level based pricing.
Andy did an extensive overview of git version control. Thanks Andy!