Plugin Security

Congratulations, your code works! But is it safe? How will the plugin protect your users if their site gets hacked? The best plugins in the WordPress.org directory keep their users’ information safe.

Please keep in mind that your code may be running across hundreds, perhaps even millions, of websites, so security is of the utmost importance.

In this chapter, we will cover how to check user capabilities, validate and sanitize input, sanitize output, and create and validate nonces.

Quick Reference

See the complete example of security best practices for WordPress plugins and themes.

External Resources