Skip Main Navigation
Eventbrite
Browse Events
Organise an event
Organise
Help
Log InSign Up
Menu
Page Content
This event has ended.
HACKED - Fixing hacked WordPress Sites Workshop

Apr

22

HACKED - Fixing hacked WordPress Sites Workshop

by Tim Nash

Actions and Detail Panel

Sales Ended

Date and time

Thu, 22 Apr 2021, 13:00 BST

Location

Online event

Refund policy

Refunds up to 7 days before event

Eventbrite's fee is nonrefundable.

This workshop is split into 2 sessions on 22nd April and April 29th. Both sessions are 1PM-3PM GMT. Your ticket is for both sessions.

About this event

Hacked sites cost billions of dollars in lost revenue globally and can cripple a business. Getting them fixed quickly is critical and, as an agency, having your clients on the phone pleading with you to fix a hacked site can be one of the most stressful things.

Almost worse than the financial implications, a hacked site brings a heap of emotional issues with victims of hacked sites describing it akin to being burgled.

It’s your job to help your clients through this and you need the tools, skills and processes to make sure you can effectively manage hacked sites.

Tim Nash is a WordPress Security Consultant who has helped hundreds of people get their site back up and running. In this workshop he is going to show you not just how to get a site live again but also guide you through the process from start to finish.

Using proven techniques that make sure all elements of a hacked site are cleaned, you will leave this workshop with confidence that when you get that phone call you will be able to take a deep breath and say “We got this!”.

What’s in this workshop package?

Over two 2-hour online sessions Tim will take you through the process of managing a hacked site. Each session is recorded and you will have access to the recordings. Each session also has a dedicated Question and Answer section with opportunities for you to ask questions that are not recorded.

Session 1 - 22nd April 2021

Starting from that moment you get the call, with identifying and analysing hacked sites, you will be going through the process to confirm what is happening, covering how the sites were hacked and analysing what types of hack has occurred.

These first few minutes are crucial, so Tim will guide you as you secure the site, ready for clean-up, stopping the potential spread of malware while maintaining a snapshot of the site for any potential legal action later on.

With the information you glean from the initial investigations, and the site made safe it is time to make a plan and to communicate what needs to be done to stakeholders. Tim will guide you through the process but also through the language he uses when talking to client stakeholders.

Session 1 Itinerary

  • Identifying and analysing hacked sites
  • Securing the site from further hacks
  • Snapshotting sites safely
  • Creating a clean up plan
  • Questions and answer session (not recorded)

At the end of this first session you should be able to:

  • Identify if a site is hacked via its log files and other key indicators
  • Identify where the current primary areas of concern are
  • Safely put a site into a state where it is no longer spreading malware but no data is lost.
  • Manage a snapshot of the site in its current state, which can be referred to later.
  • Know when it’s ok to remove files.
  • Be able to create an action plan for stakeholders to sign off on.

Session 2 - 29th April 2021

This session will build on what you learnt in the previous session. It starts by covering 3 alternative approaches to fixing a hacked site, each has its uses and knowing when to use each approach is crucial. Tim will show you how to use modern tooling to clean up a hacked site quickly and cleanly going from a hacked site to a restored site in minutes in good conditions. Then we will swap to reality, where you don’t have all the tooling or all the options but still need to have the same results.

Once you have gone through the process, you need to effectively monitor it for further signs of attempts to reinfect the site. Building on the previous sessions work, learning about indicators Tim will guide you as to how to build effective monitoring and what to look for within your logs .

The final part of the second session is devoted to the post incident investigation, Tim will guide you through an example of blameless post incident investigation and key findings template. Using this as a guide you will look at what lessons can be learned from hacks internally and with the clients. Tim will also go through some of the little things that can often be forgotten, such as who needs to be notified both from a regulatory perspective but also from a transparency one.

Often clients feel shame at having their site hacked and want to hide this fact, Tim will go through some of the scenarios on disclosure and recommendations on how to report a security issue at a company.

Session 2 Itinerary

  • 3 alternative methodologies for cleaning hacked sites
  • Confirming and monitoring - The clean up process
  • UK compliance and regulations as well as who you need to inform
  • Questions and answer session (not recorded)

At the end of this second session you should be able to:

  • Identify what method to use to clean a site
  • Use modern tooling to clean a site
  • Clean a hacked site with just FTP access
  • Identify key indicators to monitor going forward
  • Lead a post-incident investigation
  • Provide recommendations on the next steps for a company.

Getting your hands dirty

This is not just a theory workshop, after each session you will be invited to practice, in your own time, with specially designed virtual machines that you can keep to reuse, or for a limited time, online equivalents. Each virtual machine will be equipped with the tools you need and technical challenges so you can put theory into practice.

In addition worksheets and resource links will be available along with step by step guides for each of the 3 methodologies.

Is this Workshop suitable for you?

The workshop is designed for a wide range of skillsets but it is technical in nature and some aspects do require some previous knowledge.

At a minimum you need to be familiar with WordPress and understand the different components needed to run a site.

To get the most out of this workshop you should have some familiarity with looking at server logs and some understanding of how the command line works.

Why take a workshop?

This workshop is about giving you skills and processes to manage hacked sites for your business and clients. Many businesses rely on specialist security firms to perform clean ups of their hacked sites, so why might you consider investing in the skills to do this internally when such companies exist?

No other company knows your sites and clients as well as you, they can’t make the decisions that you can. In most cases they have a single process which they follow and going outside of that is either costly or simply not possible.

There may be times where bringing in external services is needed or preferable but developing internally your process will allow you to:

  • Quickly be able to respond
  • Be cost effective
  • Be able to take preventative steps and design systems to be easily restored
  • Be able to provide this as a service to clients existing and potential new

Quick recap

This workshop includes:

  • Two 2-hour online sessions delivered live by Tim Nash, with opportunities to ask questions.
  • Downloadable recordings of the above session.
  • 2 Virtual Machines set up with tooling and exercises to practice on.*
  • Step by Step guides to the 3 different methodologies for fixing a hacked site
  • Additional PDF worksheets

*For attendees who would prefer to not use the virtual machines, live practice sites will be available for a limited time afterwards.

Tags

  • Online Events
  • Online Classes
  • Online Science & Tech Classes
  • #security
  • #wordpress
  • #wordpress_security
Event ended

HACKED - Fixing hacked WordPress Sites Workshop


Follow this organiser to stay informed on future events

Tim Nash

Event creator

Events you might like

  • Why is WordPress still the #1 Content Management System?

    Why is WordPress still the #1 Content Management System?
    Why is WordPress still the #1 Content Management System?

    Mon, Aug 22, 2022 9:00 PM +08 (+08:00)
    Free
  • WordPress 101 - WordPress Fundamentals for Professionals Course Outline

    WordPress 101 - WordPress Fundamentals for Professionals Course Outline
    WordPress 101 - WordPress Fundamentals for Professionals Course Outline

    Sat, Sep 3, 2022 8:30 AM CDT (-05:00)
    US$450
  • Editing and pushing Live a WordPress Theme - WordPress Website Development

    Editing and pushing Live a WordPress Theme - WordPress Website Development
    Editing and pushing Live a WordPress Theme - WordPress Website Development

    Thu, Aug 18, 2022 10:00 AM BST (+01:00)
    Free
  • Web Design using WordPress

    Web Design using WordPress
    Web Design using WordPress

    Sun, Aug 21, 2022 1:30 PM EDT (-04:00)
    US$25
  • Live Webinar: WordPress: Don't Underestimate the Power of Plugins!

    Live Webinar: WordPress: Don't Underestimate the Power of Plugins!
    Live Webinar: WordPress: Don't Underestimate the Power of Plugins!

    Fri, Aug 26, 2022 10:00 AM PDT (-07:00)
    Free
  • Optimising a WordPress Website for Google - SEO - Website Speed and More

    Optimising a WordPress Website for Google - SEO - Website Speed and More
    Optimising a WordPress Website for Google - SEO - Website Speed and More

    Thu, Aug 25, 2022 10:00 AM BST (+01:00)
    Free
  • Build Your First Website with Wordpress Free Master Class

    Build Your First Website with Wordpress Free Master Class
    Build Your First Website with Wordpress Free Master Class

    Sat, Aug 20, 2022 11:00 AM EDT (-04:00)
    Free
  • Welcome to WordPress - A Short Intro to Website Cr

    Welcome to WordPress - A Short Intro to Website Cr
    Welcome to WordPress - A Short Intro to Website Cr

    Thu, Sep 8, 2022 1:00 PM BST (+01:00)
    Free
  • Curso Online de Wordpress - Nivel Inicial

    Curso Online de Wordpress - Nivel Inicial
    Curso Online de Wordpress - Nivel Inicial

    Fri, Aug 19, 2022 7:00 PM -03 (-03:00)
    $700
  • Space Analog Virtual Mission

    Space Analog Virtual Mission
    Space Analog Virtual Mission

    Mon, Aug 22, 2022 12:00 AM UTC (+00:00)
    US$85

Site Navigation

Use Eventbrite

  • How it Works
  • Pricing
  • Event Blog
  • Event Planner Forum

Plan events

  • Online Registration
  • Sell Event Tickets
  • Event Management Software

Find events

  • Browse Online Events
  • Get the Eventbrite App

Connect with us

  • Report This Event
  • Help Centre
  • Terms
  • Privacy
  • Accessibility
  • Community Guidelines
Eventbrite + Ticketfly

© 2022 Eventbrite