WordCamp New York City 2009

November 14–15, 2009
...was awesome!

Writing secure plugins

Photo of Mark Jaquith

Mark Jaquith

WordPress plugins are infinitely powerful. This power makes WordPress great, but it also gives plugin developers the ability to shoot themselves (and the users of their plugins) in the foot. This technical and code-heavy presentation will teach plugin developers the skills they need to write plugins that will never be a security liability to their clients and users.

You’ll learn the functions to use, when to use them, attitudes and best practices to avoid security holes, as well as explanations of why they are holes — which will hopefully help hone your sense of skepticism so that you can stay ahead of the curve and start protecting against tomorrow’s attack vectors. I will also be holding an unconference workshop session on plugin security where we can go through your plugin code and identify problem areas. I normally charge lawyerly rates for this kind of code review — you should definitely take advantage! I’ll announce the time and place of that workshop session during the main security talk session, which is at 1:30pm on Saturday.

2 Responses

  1. Mark Jaquith says:

    The slides from this presentation are available here.

  2. Lin says:

    Mark,

    Very nice presentation. Thanks for sharing the insights and the useful tips.

    – Lin

Leave a Reply

You must be logged in to post a comment.

Recent Posts

Post Categories

RSS #wcnyc

Platinum Sponsors

Silver Sponsor

Bronze Sponsors

Small Business Sponsors



Mojofiti logo



Fusebox logo


Cacoo logo


Consultant Sponsor

WordCampNYC has no relationship to public radio station WNYC, and we apologize if our abbreviation-based logo has caused any confusion.

Visit WordCamp Central


Code is Poetry.