View the Full Schedule

Tutorial: WordPress Security Auditing, Applied

I love WordPress. But WordPress sites are regularly compromised by bad code (and a lack of updates), that's the ugly truth of the situation. In this workshop we'll work to make sure that our code is never the reason that such a thing could happen. We'll start with a discussion of the security essentials for WordPress, and then in WP and PHP code. Then we'll dive into code, auditing and fixing a plugin with real and common security vulnerabilities. At the end, we'll gather back together and talk about what we found and what we missed.

David Hayes

David Hayes (@davidbhayes)

Hi! I'm David, a developer from Fort Collins, Colorado. I've been working with PHP for over a decade, and does a lot of intensive backend work, a fair bit of Javascript, and dabbles with CSS sometimes. While I'm big into WordPress, I own and run the popular development tutorial site WPShout ( I've got experience with everything from old school PHP to the latest and greatest of Symfony and Laravel.