Security for WordPress Websites with Kathy Zant from Wordfence Security Plugin
Author: Chris Badgett
Go to Source
Learn about security for WordPress websites with Kathy Zant from Wordfence security plugin in this episode of the LMScast podcast with Chris Badgett of LifterLMS. Kathy shares her story of entering the WordPress security space and several tips and tricks for online course creators to help protect their platforms.
Security is incredibly important. Some statistics show that over 50% of small businesses that get hacked have serious effects on their business due to the downtime or damage to the company’s reputation. For many online course creators their website is their business. Whether they’re selling courses or services, the website is the linchpin in keeping that system functioning.
Website security is like an insurance plan. It is not glamorous, but when something happens to your site, you will wish you had something in place to prevent it and be ready to deal with it. Chris and Kathy encourage you to put some security measures in place on your site. Even if you have not had anything bad happen yet, you can lose a lot of time and money, especially if your site is an ecommerce site.
A lot of small business owners think that hacking won’t happen to them, because they don’t run a huge site network that has hundreds of thousands of visits per month. Kathy shares some reasons that even sites that are not large brands could be hacked.
Hacking sites tends to come down to financial gain for the hackers, and most hackings are done by bots set up by humans, rather than by humans directly. Kathy shares several ways hackers can take advantage of your site that are almost unnoticeable unless you have security measures in place monitoring your site.
Wordfence is free and available on the WordPress repository. They also have some premium features to help protect your site from security issues faced by other sites with Wordfence. The firewall that prevents malicious traffic from hitting your site is the major feature of Wordfence that helps to protect over 2 million sites on the internet.
To learn more about Kathy Zant and the Wordfence security solution, head to Wordfence.com. You can also find her on Twitter at @KathyZant and her personal website Zant.com.
After securing your WordPress site, be sure to head over to LifterLMS.com to find out more about how you can use LifterLMS to build your own online courses and membership sites. If you like this episode of LMScast, you can browse more episodes here. Subscribe to our newsletter for updates, developments, and future episodes of LMScast. Thank you for joining us!
EPISODE TRANSCRIPT
Chris Badgett: You’ve come to the right place if you’re a course creator looking to build more impact, income, and freedom. LMScast is the number one podcast for course creators just like you. I’m your guide, Chris Badgett. I’m the co-founder of the most powerful tool for building, selling, and protecting engaging online courses called LifterLMS. Enjoy the show.
Chris Badgett: Hello, and welcome back to another episode of LMScast. I’m joined today by a special guest, Kathy Zant from Wordfence. How you doing, Kathy?
Kathy Zant: Doing great. Thanks for having me.
Chris Badgett: Kathy is a WordPress security expert, and I want to ask you first, if we’re working with clients as WordPress people, how do we explain why security is important?
Kathy Zant: Security is incredibly important. Some statistics that I’ve seen show that over 50% of small businesses, when they get hacked, it affects their business because they’re not … To clean a site for a security professional, not a big deal, but if security is not sure, main line of business, it can take days to get your site back up. If you’re not watching your site, it can affect your search engine rankings. It can affect your business overall. Customers trying to find you can get redirected.
Kathy Zant: Overall, the main reason why security is important for the small business is that your website is the first impression. It’s the storefront, the digital storefront for your business, so when someone shows up at that storefront, if it’s defaced, if it’s directing to a competitor, or if it’s directing to a bad neighborhood, it affects your business. It affects your customers. It affects your prospects, and then affects your bottom line. Once customers start seeing that, they understand how important security is.
Chris Badgett: That’s awesome. I mean, I’ve been hacked before on my websites, and I’ve had different issues going on, and I feel like security is one of those things where it’s not like glamorous, and then when it finally happens to you, you’re going to wish you had had something in place all along to both prevent it or be ready to deal with it if something does happen. It’s just one of those lessons learned the hard way, and I’ll just encourage you who’s watching or listening. If you have not been hacked yet or experienced security problems, it’s better to have some things in place to address that before having something bad happen, and then scramble to deal with it like you described. If you don’t have the tools to fix it or don’t know who to call, you can lose valuable time and money, especially if your website is an e-commerce site. There’s all kinds of risk at play here.
Kathy Zant: Exactly. I mean, car insurance is not a real fun, exciting topic. It’s not going to … You can’t talk about how your kids getting to school on time is important, right? It’s important to your kids to get to school on time, and to be in class, and everything. How does that relate to car insurance? Well, I mean, if you’re not defensive driving, if you’re not watching stop signs and things like that, it doesn’t sound like a really interesting topic, but if you’re not getting car insurance, it can affect all aspects of your life, and for your digital life, for your digital business, it can affect everything from your customers being able to email you because you can end up on spam blacklist.
Kathy Zant: It can affect your customers being able to refer business to you. It affects so many different parameters of your business. It’s not just somebody coming to your website. If you’re running ad traffic, for example, you’re running an ad campaign on Facebook or any other social media and you’re sending traffic to your digital storefront, and then that’s going to someplace is, it can really ruin your business and cost a lot money.
Chris Badgett: Great points. Well, what … So, you come from Wordfence.com. What does Wordfence do to help website owners with security?
Kathy Zant: Yes. Well, we are solely in the WordPress world. Wordfence is a plug-in. It’s freely available on the repository. We have over 2 million installs around the world. It does have a premium aspects that you can unlock, and that premium key is $99 a year, and there’s discounts for larger numbers of keys if you wanted to purchase them. It’s primarily a firewall. That’s how it’s going to protect your site, but it also has …
Chris Badgett: So, explain that. Explain that.
Kathy Zant: Sure.
Chris Badgett: What is a firewall for the non-techy?
Kathy Zant: Okay. Well, the firewall is looking at the traffic that’s coming into your website and analyzing it based on a number of parameters. It’s looking for markers of malicious activity, so some malicious activity might be a SQL injection, and SQL is a database statement, and SQL injection appends some directives on to that normal SQL statement to do malicious activity to get into your database to basically break into your site, so it will look for things like that. Cross-site scripting. Other types of malicious activity.
Kathy Zant: The premium feature has a really cool thing. This is how we keep the lights on is the real-time blacklist. Because we’re installed on so many websites, WordPress websites, if we see a malicious IP ad or malicious traffic coming from an IP address, say, in Algeria and it’s attacking a site in Germany, for example, and you have premium on your site, and your site is hosted at GoDaddy, just because we see that malicious traffic coming from that IP address, we block all of our premium customers that IP address for them, so it’s looking at the types of traffic, and then in premium, it’s actually blocking IP addresses that we know are malicious, and that’s a rolling blacklist. You don’t have to go like blocking that IP forever. We see that activity, and it gets blocked.
Chris Badgett: So, that’s very cool. That’s like a network effect where it gets more valuable the bigger you guys get and just more relevant, more data coming into … where is all the bad stuff coming from.
Kathy Zant: Exactly.
Chris Badgett: Tell us more about what you were saying at the … that’s included in the free level, the free firewall. What is it doing exactly?
Kathy Zant: It’s looking at the malicious activity.
Chris Badgett: Yeah.
Kathy Zant: So, if that … our mythical creature in Algeria, which is probably a bot, right?
Chris Badgett: Yeah.
Kathy Zant: Because WordPress is installed on so many sites, it’s the biggest traffic, so bots are just constantly attacking WordPress looking for any kind of vulnerability. It’s looking for, like for example, that SQL injection to see if it will work. It’s looking for outdated plug-ins and known vulnerabilities that exist, and it just keeps poking until it finds a weakness, so Wordfence is looking for it on all of those sites. It’s blocking that kind of activity on the free version, and then it also phones home to us and lets us know that that IP address is doing malicious activity, so on all those 2 million sites that are running Wordfence free, it informs and helps the premium users also block that IP address.
Chris Badgett: Could you speak a little bit more to … I hear people when we’re talking about security, they ask like, “Why would these hackers, or spammers, or whatever want to … Like why do they care about my website?” You mentioned that a lot of it is actually not human. It’s bot or computer program traffic or whatever. Like why does this … Why is this even a problem in the first place? What’s their goal? What are they trying to do, our mythical creature?
Kathy Zant: Right. Yeah. Yes. Well, behind that mythical creature, that bot that’s attacking everything, there’s a guy or maybe a group of guys. I’m not entirely sure or maybe it’s a woman. I’m not sure.
Chris Badgett: Yeah.
Kathy Zant: They’re looking for … It’s all profit-based, so the types of malicious activity that we see primarily has been in the SEO world. Obviously, you have a website. The more inbound links you have pointing at that website, the higher it is in the search engines, right? So, they’re looking to basically get into your site and either direct links to a site so that it rises in the search engine. They’re looking to put a malicious link somewhere in your site that redirects your customer’s site to their site so that they get views or they get affiliate commissions. Those types of things.
Kathy Zant: In the past couple of years, as cryptocurrencies have become more and more valuable, we’ve seen a lot of crypto miners showing up on sites, so that your customer or your prospect that’s visiting your website is … Their machine is actually mining cryptocurrency in a JavaScript, a little script that’s running on their browser because they visited your hacked site.
Chris Badgett: Wow.
Kathy Zant: It’s all profit motive. They’re looking to make a buck, and even though your site is small and you might thing it’s insignificant and not important, it’s a matter of scale. They have these bots looking for any kind of malicious or any kind of vulnerability so that they can get in there maliciously, and so they do a hundred sites. It’s like hacking one big site but … I mean, it’s still valuable to them.
Chris Badgett: Awesome. Well, now, we know the why behind the what like why this is going on. If you that is watching or listening wants to get started and just install the free Wordfence plug-in, what are the quick set-up tips that you recommend, how they get the plug-in, and what should they do first with the settings or whatever?
Kathy Zant: Okay. Well, it’s freely available on the repository, so you can just download it. Install it. Activate it. It will ask you … It will walk you through some basic set-up, but the primary things to watch for, first of all, is to optimize the firewall and that … What it actually does, and I’m trusting that your audience knows a little bit about WordPress and how it works. There is a file that runs on your server called htaccess.
Chris Badgett: Yeah.
Kathy Zant: It has some directives that basically tell WordPress what to do, and so when you optimize the firewall, it adds a little bit of code in there that basically says, “Run the firewall before you hit WordPress,” and that actually improves the performance of your site because the firewall is actually blocking malicious traffic before it’s accessing all that WordPresses so that your customers and actually valid traffic is engaging with WordPress rather than malicious traffic.
Kathy Zant: So, that would be the first thing I’d do. Then, you want to run a scan. It has a malware and vulnerability scanner as well. It’s how it got started, so run a scan and see what it reports back. It will tell you, one, if you’ve got malicious files on your system, and if you do, we have a site cleaning service, but it will also walk you through how to remove those files or how to clean those files. It will tell you if there’s any files that don’t match core, so that’s a really neat way to be on top of even the latest malware that’s being developed because malware is always constantly evolving.
Kathy Zant: It will tell you also if you have plug-ins installed that need an update if you have plug-ins that have not been maintained in the last couple of years by the developer, and those things are … security concerns associated with that, and it will also tell you, “Update your theme.” All of that kind of stuff, and your core files too. It will tell you if your core is not updated because primarily, when we see hacked sites, that’s how they’re getting in.
Chris Badgett: [Crosstalk 00:12:04].
Kathy Zant: Yeah.
Chris Badgett: Well, let’s take … go at this from another angle, which I know you have experienced as an agency person. I was a WordPress freelancer, and I built up an agency, and then transitioned to a product company, but I know what it’s like to work with clients of all different sizes, and people need more often than just the initial website and the launch, and a lot of agencies or freelancers are trying to figure out how to add value through an ongoing monthly or whatever recurring maintenance package. You mentioned one of the security concerns is plug-ins, being out of date, WordPress being out of date.
Kathy Zant: Yeah.
Chris Badgett: We’ve got a busy website owner who wants to invest in security and recurring … even if there’s a recurring monthly cost or whatever. How would you advice that person building a service around WordPress updates? What can they do from a security perspective?
Kathy Zant: Okay.
Chris Badgett: What can they put in the package?
Kathy Zant: Sure. Definitely. All right, so I work with a number of different agencies. I’ve also had some agency background. My first real web job was working with United Airlines for an agency, and I was the project manager running a group of programmers and designers helping United maintain their sites and develop new … What’s a website? It is basically a reflection of your business, and what’s your business? It’s an organically constantly-evolving entity. It doesn’t just stay static.
Kathy Zant: If you stay static, then your competition will eventually beat you out, so you have to constantly be evolving your business, and your website has to reflect that, so it’s going to constantly be in a state of flux. If you don’t have maintenance managing that flux, managing the organic growth of your business as it’s reflected out in your website, then your website becomes stale and outdated, and all of a sudden, it looks like GeoCities 1999, and you don’t really know how that happened.
Kathy Zant: That’s one of the reasons why maintenance is so important. In order for a website to really drive traffic to really convert your customers into a place where they’re buying from you and they feel engaged with you. It has to reflect your business. I think that’s the number one thing that small businesses want to hear from a website developer is that you’re going to help my business grow. You’re going to help my business be all that it is.
Kathy Zant: Security, it’s like the car insurance thing. Nobody wants to talk about it, but everybody has to have it, and security … But the big risk is if you don’t have the insurance, if you don’t have the assurance that your site is going to stay safe, it’s going to cost you, and it’s going to cost you dearly, so it’s important to have locks on the storefront of your business to make sure that nobody can get in. It’s important to assess those locks because security is changing all the time and vulnerabilities … In an open-source world with WordPress, vulnerabilities are discovered all the time.
Kathy Zant: You can go to a website, WPVulnDB. it’s WordPress Vulnerability Database. Go in there and look at any plug-in, any theme, and you’re probably going to find a vulnerability that has existed at some point in time. You never know when a plug-in that you have on your site is going to be the next one with a vulnerability. Of course, unless you have Wordfence scanning that’s telling you that you’ve got a problem, so communicating that importance of security as well as having a website that is organically reflecting that small business and what they want to do in serving their customers I think is how you communicate and how you position maintenance services to a client.
Chris Badgett: That is awesome. That is very valuable for those looking to build an ongoing value because what people want, I find in the agency world and ways, is they don’t just want a website. They want a technology partner who has their best interest at heart. They need that person to advise, recommend, be built on solid processes and best practices. It doesn’t have to be just a website.
Kathy Zant: Exactly. Exactly. I mean, they … What is a small business doing? They’re growing their business. They’re connecting with their customers. They’re making sales, and they’re serving their customer, which may or may not relate to the website. They don’t want to have to know about what SQL injection vulnerability exist, but as a website developer, if you’re using the tools that are available to you, you know about that. All of a sudden, now you’re the expert and you develop … It just takes a couple of times of saying, “I saved your bacon on this for your customer,” to realize that you are their partner, and that you’ve got their back, and that you’re watching out for their site for them so they don’t have to worry about it.
Chris Badgett: Yeah, that’s awesome. I know you also have a talent in streamlining processes. Can you talk about that?
Kathy Zant: Well, you don’t want to recreate the wheel for every single customer, right?
Chris Badgett: Yeah.
Kathy Zant: I mean, as an agency, you have prospect that comes in. The first customer is going to be the hardest because you’re going to set up a number of systems in order to take care of that customer, but after that, every customer that comes in, you have to look at it from the very get-go and say, “Okay. How does the service that I’ve created for customer A, how is that going to serve customer B?”
Kathy Zant: You then create processes where you are actually taking one process for one customer and replicating that because it’s just like what the bot guy is doing. It’s order of scale, so you have one customer. Don’t try to be anything … everything to that customer, but if you can develop some systems so that it is applicable across all sites. It’s why so many agencies just standardize on WordPress and aren’t going to let Joomla or Drupal.
Kathy Zant: Even though they may have a customer that is best served by what Drupal has to offer, you’re the WordPress person, and you’re standardizing on that, and you’re standardizing on Wordfence as your security tool, and you’re standardizing on this theme because you know it inside and out, backwards and forwards, and you have your package of what you bring to the table. When you do that, then every time you have a new customer, it just becomes easier and easier, so basically, you just have to … but you have to do that at the start.
Kathy Zant: Just like selling services or selling maintenance, it’s not something that if you have a customer that you developed a website for two years ago and they’re not maintaining it, it’s really hard to convince them that they need maintenance, unless you can tie it to their business growth. They maybe haven’t been hacked. They don’t see the need for any of this stuff. They don’t see … “Well, we’ve gone this far without car insurance. What do we need it for now?”
Kathy Zant: So, you have to sell it at the get-go when you’re developing a new site for someone and why maintenance is important, and you sell it as a package so that you go from development into launch into maintenance, and it’s a streamline process there from the beginning. Otherwise, it … It’s like you have to do an entirely different sales job for the maintenance side of things if you don’t include it from the beginning.
Chris Badgett: Words of wisdom there. I wish I had heard that advice a long time ago. I remember … This was a long time ago. I think 2010 or so. I had a bunch of clients, and there was like some articles going viral about some bot net, and all of a sudden, everybody with a WordPress website was really concerned with security or getting hacked and everything, and I was able to suggest some work to my clients that, “Hey, we should probably do this.” So, again, I was not doing it like you said. I had to go through another sales cycle and present this thing, and then optimize the security, and that’s how I first started learning about WordPress security and what was going on, but if I had known what you were just talking about about really building that into the design from the start, it would have been easier and even more recurring revenue or whatever.
Kathy Zant: Right. Right, and recurring revenue for an agency is so important because what you end up doing is you sell this ball of development, right? You go through a sales process. You sell it, and it’s like, “Oh, wow. Now, I’ve got to get it done.” Right? Then, your focus turns towards getting it done, and you’re not selling the next customer. So then, your income start and your cashflow starts getting really peaks and valleys, and if you have maintenance and you’ve got a streamlined process to deal with that maintenance so that it’s easy for you that … just like cleaning hacked sites is super easy for me because I’ve done it so many times. I know when I get in there. I’ve done it so many times. It’s easy.
Kathy Zant: You get your maintenance to that place where it’s just easy to do, but you’re charging enough that it’s going to stabilize your income. Then, you can have more fun. I never liked doing maintenance. That was like the most boring. I didn’t want to even sell it because it’s like, “Oh, this is the most boring thing ever.” I wanted to build like the latest and greatest newest thing. I wanted to try out all the new CSS tricks and all the fun stuff, right?
Kathy Zant: Maintenance sounds so boring, and it is so boring, but if you can streamline it, it really … It’s like doing accounting. It’s like, “Oh my gosh, taxes are due. I’ve got this mountain of receipts that I have to go through,” or you’re doing it every single day and you’ve got a process down where you’re like filing away everything where it’s supposed to be, and so like when you finally get to the point where you have to do taxes, all the numbers are right there, and you just copy it where it needs to go. If you do a little at a time, it makes it a lot easier rather than trying to like do this giant thing.
Chris Badgett: Wow, that is really solid there. Um, I want to ask you … Here’s a surprise bonus round question. So, one of the things in the online course, the training-based membership site industry, one of the reasons some people either just start with the WordPress LMS or make the move from a hosted platform is … There’s a lot of reasons they make that move. They want unlimited extendibility, design, branding freedom, functionality freedom. They want to own the website. They don’t want somebody else who has their hand in their revenue stream or/and they just want to have the control, the ownership, and everything. But with all those benefits, you do have more technical responsibility of, “Okay. Now, it’s your website.”
Kathy Zant: Yeah.
Chris Badgett: You’re not just paying monthly for access to basically somebody else’s website, and one of the concerns there is some people say, “Well, WordPress isn’t secure,” but the real– Can you speak to that like is WordPress any more or less secure than any other thing on the internet, or just in general, where does WordPress sit in terms of security with the greater web as a whole, whether that’s email accounts, or Facebook, or whatever else people are using all the time?
Kathy Zant: Yeah. Our answer to, “Is WordPress secure?” is yes, WordPress is a secure platform, but my joke is WordPress is awesome because it lets anybody publish online. “Oh my god, WordPress is horrible. It lets everyone publish online.” Right?
Chris Badgett: Yeah.
Kathy Zant: It’s a double-edged sword. It has the ability to … and I love that about WordPress is that it gives that five … I mean, i started blogging back when like it was movable type and you had to like FTP this monstrosity up, and it was just … It was really huge, and WordPress came along. It was fast, and it was easy, and it made getting online very simple, but once it’s in your hands, it is your site, right?
Kathy Zant: It’s your responsibility. It’s your responsibility to look at the plug-ins that you’re putting on your site. It’s your responsibility to keep everything updated, and the great thing about what Wordfence does is that it gives all that knowledge and the tools necessary to make good security decisions into the palms of the hands of the people who need it most, and that’s the site owner, the person who’s like, “Whoa, I’ve got a website. Isn’t this great?” It’s on version 3.9 or something, and they’re not maintaining it.
Kathy Zant: Wordfence will yell at you until you update everything, and it will just nag you until all of your plug-ins, and all of your themes, and WordPress core are updated, but if you’re not update … Basically, WordPress is secure, but if you’re not making good security decisions and/or using bad passwords, or sharing passwords, or … I was at a meet-up once actually, and I was helping a woman with her WordPress install, and she gives me her password, and she’s like, “Oh, it’s the password I use for everything.” Like, “Please don’t tell me this. I don’t want to know your password for everything.” So, WordPress is secure. For this lady, unfortunately, it’s not because she’s really just telling people her password. But then, also, her bank account probably isn’t secure either, so.
Chris Badgett: That’s good stuff. What are just some general security best practices that people should just be mindful of like … I don’t know, like strong passwords maybe or unique passwords like in the example you just described?
Kathy Zant: Yeah.
Chris Badgett: What else? What are some good security best practices just for anybody running an online business where you’ve got a WordPress website involved?
Kathy Zant: Sure. There are some general principles that … My brain is spinning right now because they’re so simple, but they’re so important.
Chris Badgett: Yeah.
Kathy Zant: Security is a balance between accessibility and security. I mean, the most secure computer that exists is buried six feed under and encased in cement. That’s secure, right?
Chris Badgett: Yeah.
Kathy Zant: It’s completely unusable, but it’s really secure. Yeah, password reuse is something that we’ve seen, we’ve seen a lot, and with all of the data breaches that have been happening in the past couple of years, there’s a website called Have I Been Pwned, and if you go put your email address in, it will tell you all the lovely websites that you’ve given credentials to that have been hacked and have had data breaches.
Kathy Zant: Like one of the most … I was affected by it as well is Adobe. A few years ago, Adobe had an intrusion, and credit card data was stolen and passwords, so you have to assume that any website that you’re going to, and you’re putting a password in, and you’re adding credentials, assume that’s going to get hacked. Assume that password will someday be known. Do you want that to be the same password that you’re using for your bank?
Chris Badgett: Or your PayPal account.
Kathy Zant: Your PayPal account.
Chris Badgett: Yeah.
Kathy Zant: You don’t want to use the same password everywhere. If service allows you to use multi-factor authentication with either SMS, which is less secure but … Like the Reddit hack that happened earlier this year, that was due to … They had two-factor authentication, but they had an SMS issue, and a breach happened there.
Chris Badgett: So, just to clarify for anybody who doesn’t know that term, two-factor authentication is where you log into something like you could set your Gmail to do this where in addition to just logging in, it’s going to send you a verification code via text message or whatever.
Kathy Zant: Yeah.
Chris Badgett: There’s two steps that prevents you because once somebody has hold of your email account, if you’re going to extra protect something, definitely start with your email account because that’s where all the password reset emails go and everything.
Kathy Zant: Exactly. Yes.
Chris Badgett: Once people have that, they can get to a lot of places.
Kathy Zant: Exactly, like … Yeah, so your email, making sure your email is secure, making sure that your cellphone is secure. Those things just … fort max on those, but yeah. You definitely want to have … and everything else, two-factor authentication, because if your password ends up in a breach, it just gives you that extra layer of security. They can have your password, but if they don’t have the multi-factor authentication algorithm going on, and there’s password managers like 1Password that have the two-factor thing. It’s a little complex to set it up, but you can set it up in the 1Password application so that you’re not using your cellphone or needing Google Authenticator. So, that’s something really good to do, but a lot of … Like my bank doesn’t even have two-factor. I have like secret message like, “Who is your favorite rock star?” Like I feel [crosstalk 00:29:36].
Chris Badgett: I heard stuff the other day. I heard stuff the other day that was really interesting which was there’s all this like quizzes on the internet like, “Combine your home street name with your mother’s maiden name, and that’s your rock star name,” or whatever, and that’s really actually like … That could be like somebody, or some bot, or something collecting the same questions your bank uses to be like ask your secret security question like, “What street did you live on when you grew up?”
Kathy Zant: Yeah, definitely.
Chris Badgett: I was like, “Oh, I’m never taking one of those quizzes again.”
Kathy Zant: Exactly. Seriously.
Chris Badgett: Yeah.
Kathy Zant: I mean, I had one with a credit card company, “What’s your first concert?” I’m like, “Oh my gosh, I bet you. I did that on Facebook over the last 10 years.” Right?
Chris Badgett: Yeah.
Kathy Zant: Somebody probably knows that.
Chris Badgett: Yeah.
Kathy Zant: Yeah. I mean, those types of things are really fun, but who’s on the other side of all of those quizzes?
Chris Badgett: Yeah.
Kathy Zant: I’m not entirely sure. I guess I could research it, but it’s just better to keep all of that information: your mother’s maiden name, your phone number when you were a kid, your best friend from childhood. All of that stuff. Nobody needs to know.
Chris Badgett: Yeah. That’s great. Well, Kathy, thank you so much for … I feel like this has been a gold mine of best … better security practices. For those of you listening, I would encourage you to check out Wordfence. You can download the free plug-in where you get the plug-in. Check out what they offer with premium. How else can people connect with you on the internet?
Kathy Zant: I’m on Twitter, Kathy Zant. Instagram. I’m Kathy Zant everywhere. I have my website, zant.com, but most of the time, I’m working. I really love my job. I really love the company I’m working for. They have incredible integrity, so I’m very active with Wordfence and very happy to be there, and I’m very happy to have been on the podcast. Very thankful to be here.
Chris Badgett: All right. Thanks, Kathy.
Kathy Zant: Thank you.
Chris Badgett: And that’s a wrap for this episode of LMSCast. I’m your guide, Chris Badgett. I hope you enjoyed this show. This show was brought to you by LifterLMS, the number one tool for creating, selling, and protecting engaging online courses. To help you get more revenue, freedom, and impact in your life, head on over to LifterLMS.com and get the best gear for your course creator journey. Let’s build the most engaging results getting courses on the internet.
The post Security for WordPress Websites with Kathy Zant from Wordfence Security Plugin appeared first on LMS CAST.