My year on the front line - cleaning infected sites

C3 | Tue 22 Jan | 2:30 p.m.–3:15 p.m.

Presented by

  • Stephen Rees-Carter

    Stephen has been a PHP developer for many long years and still loves working with PHP each day. He joined the security industry back in 2012, when a friend poached him during his work Christmas party, and since then he's worked on security products, large SaaS applications, and has spent some time cleaning infected WordPress websites. Now he's a senior developer at Wordfence/Defiant, working on securing WordPress websites and making site owners lives a bit less stressful.


Stephen joined the Wordfence Site Cleaning team part-time at the start of 2017, having virtually no experience with WordPress, Wordfence, or cleaning infected websites. His only real credentials were a love of PHP development, a keen interest in security, and the crazy idea that cleaning infected sites would be fun. Fast-forward to the end of 2018, Stephen has stepped back from site cleaning and has joined the Wordfence team full time as a developer, so now it's time for him to tell his story. In this talk he will share stories from the more memorable sites he cleaned (names changed to protect the innocent), including revealing his all-time favorite WP malware, and the epic tale of the persistent attacker that almost thwarted the Wordfence team completely. Scattered throughout will be tips and ideas to help protect your site from compromise and keep everyone (except the bad guys!) happy. Linux Australia: YouTube: