December 21, 2017 at 11:25 pm #1048
I recommend the following steps to be implemented immediately to secure and to improve performance of your website.
1) Update your WordPress installation to the latest available version. If you have any plugins and themes installed under WordPress, please make sure that you update them to the latest version as well.
2) Password protect the WordPress admin directory (wp-admin) so that it will have an additional protection. You can do that through cPanel > Directory Privacy.
4) Optimize your wordpress installation.
5) Disable PHP execution in /wp-content/uploads/ folder and /wp-includes/ folder.
Setup .htaccess file in above folders and add following content.
deny from all
6) Deny all requests to the xmlrpc.php file, except for your IP, using the following .htaccess rules.
Block WordPress xmlrpc.php requests
deny from all
allow from x.x.x.x
Replace x.x.x.x with your local IP. If you didn’t need any IP addresses to use XML-RPC requests, just don’t use any allow lines.
7) Remove folders of unused plugins, themes completely.
March 20, 2018 at 9:58 pm #1087
1. Don’t use admin as a username
3. Use a less common password
4. Add Two-Factor Authentication
5. Employ Least Privileged principles
6. Hide wp-config.php and .htaccess
7. Use WordPress security keys for authentication
8. Disable file editing
9. Limit login attempts
10. Be selective with XML-RPC
11. Hosting & WordPress security
11. Stay up-to-date
- This reply was modified 11 months, 1 week ago by Doris.
dissertation writing service[/url]
December 26, 2018 at 3:34 am #1266
January 3, 2019 at 11:41 pm #1316
You must be logged in to reply to this topic.