Wordpress Europe

This years WordCamp Europe in Porto, Portugal focused on the topics of WordPress security and accessibility for Dyslexia in UX Design.

Day 1, Track 1

Remkus de Vries (the MC for Track 1 and a lead organizer) introduces Milan Ivanovic.

Milan Ivanovic

Why we Community?

How many of you know where you were the day your life completely changed? For Milan, it was a day he attended a WordCamp in Leiden. He met a friend, Marco Pereirinha, that influenced him and told him about WP Portugal. He has volunteered since 2016. He watched a talk on Yoast. He calls it the ‘yoast effect.’

Why we enjoy this community?

There are heroes everywhere!

The 5 Benefits of Community

1. Knowledge

2. Support

3. Diversity

4. Inspiration

5. Resources

Day 1, Track 2

Victor Santoyo

7 years with Sucuri https://sucuri.net, Agency & Enterprise Team

They monitor and help protect websites in the event of an incident.

Hack research reports show thousands of websites they have cleaned.

Many people update their software and find themselves infected anyway.

One type of software infected is WooCommerce. When software has a wide audience, infection is more likely to occur, because so many people are accessing it. Hack tools, or suites, empower an attacker to run automation to get access to websites. Some create mass enfacements that kill the availability of your website.

Anonymous Fox, Post infection tips

https://security.Net/guides/anonymous fox-hack-guide/

1. Disable the reset password by email for CPanel accounts.

2. Protect your public-facing admin pages.

3. Change your WP-admin user name back to its proper name.

4. Remove any bogus WP-admin administrator accounts.

5. Remove malicious email addresses from CPanel interface.

6. Reset the contact email back to default.

Ransomware

An attack encrypting the websites with a private encryption key. Then the victim receives an email that the site is encrypted and they can pay money if they want it back. It is an attack based on the third party of another.

Credit card skimming

A tool script used to steal credit card information and attack an e-commerce website. These are becoming more and more common. A global pandemic that forces people to leave home.

Ben Martin who is on the remediation team noticed in on-site checks in 2021 that more than a third of the websites that were pushed through the scanner had credit card skimmers detected.

The Log4j vulnerability was one of the most serious vulnerabilities affecting a large majority of the web in 2021. This critical server vulnerability impacted any website, application or hardware device using the software. Server administrators all over the world scrambled to identify and patch affected or potentially vulnerable systems before the attackers were able to compromise them.

SEO spam continues to be a menace. 52.6% of remediated websites contained some form of SEO spam in 2021. Spam also accounted for 34.45% of infected site hack detections.

Credit card skimming is on the rise.

Back doors are extremely common, with 60.04% of infected environments containing at least one website back door.

Forecast for 2022

Attackers spend more time crafting new malware for eCommerce environments.

Attackers have more to gain financially from credit card skimmers, than other types of infections.

The longer their malware is able to remain hidden, the more they stand to gain, encouraging them to craft new methods of evasion.

Unless there are major changes to the default security configuration of makorbCMS (such as making multi-factor authentication enabled by default in Wordpress and having no default administrator URL enabled for Magento2 environments), we expect unprotected admin pages will continue to be attacked.

Day 2, Track 1

Accessibility for Dyslexia

Maja Benke https://www.twitter.com/majabenke

Web Designer & Consultant for Digital Accessibility

Webstyle4you.com

She travels the world and has a passion for bouldering. Maja has organized events in Berlin.

What is Dyslexia? It is a learning disability.

Accessibility

• A 11 y

• Dyslexia does not go away.

• Analaphebetism is not the same.

Characteristics and Particularities

• Sensitive to high contrast

• Bad short-term memory

• Creative

• 9-12% of the population

• Greater than 80% of those with learning disabilities have dyslexia.

Characteristics

• Reading, processing text

• Writing dictated text

• Words are spelled differently

Helping tools

• Paper

• Colored foil to reduce the contrast.

• Ruler, or second sheet.

• Digital - light, sepia or dark mode.

• Speech output for text.

• Firefox reader mode.

• Browser add-ons that can change fonts, size.

Font UI Accessibility

• Font size of at least 16 px.

• Line height of at least 1.5.

• Choose a readable font family.

• Font weight is regular.

• Use bold, italic and other text styles ( like color).

• Font used for dyslexia; Atkinson Hyperlegible.

It’s hard to read thin fonts. Transformation, like uppercase.

Choose a readable font family.

Layout

• Use white space generously.

• Loosen up text.

• Use headings in text.

• Use sections.

• Use lists.

• Don’t use justify.

• Centered text for short text only.

Colors

• Use high contrast.

• Background is not white, use eggshell.

• Font; not black.

• Use dark grey or dark blue.

• Offer a dark mode as an option.

Content creation for Dyslexia

• Write text.

• Don’t assume knowledge.

• The most important content is at the beginning.

• Summarize content concisely, and as briefly as possible.

Sentences

• One piece of information per sentence.

• Short paragraphs.

• Meaningful links and button. Avoid foreign words and filler words.

• Use active language.

• Plain language can help.

Abbreviations

Common abbreviations can help with reading. Correct spelling is important for a screen reader.

Don’t write out numbers and words, better to use digits.

Sentences

• One piece of information per sentence.

• Short paragraphs.

• Meaningful links and buttons.

• Avoid foreign words and filled words.

• Use active language.

• Plain language can help.

Gifs don’t let gifs run in an endless loop.

Animations

• Not text only.

• Support text with visual elements. E.g. graphics, images, videos, gifs and emojis.

• Visualize complex facts in graphics and diagrams.

Audio/video

Offer content not only in text, also as audio or video.

Developing for Dyslexia

• HTML5 and Settings.

• Mark up content areas and text properly, so that Tools work.

• Use the language tag.

• Search fields should tolerate typos.

Tips for Collaborating with dyslexic colleagues and contributors

• Summarize conversations when handing over a text or font. Force others to read out loud.

• Make sure colleagues can work without distraction.

• Neuroatypical peoole get distracted easily.

• Be respectful.

Click here to access the videos of WordCamp Europe, https://www.youtube.com/watch?v=91anxAgQGJw&t=3342s.

For more information on this topic, visit the the OKC Wordpress Users Group presentor Tim Priebe, 'My Website Has Been Hacked' — T&S Online Marketing https://tandsgo.com.

The WCEU 2022 WordCamp featured these presenters, among others.

Remkus, Vries de. MC. Lead Organizer @remkusdevries remk.us/hi

Santoyo, Victor. WordPress Security. @v_santoyo securi.net

Benke, Maja. Web Designer & Consultant for Digital Accessibility https://www.twitter.com/majabenke

Webstyle4you.com