Security

Jul 1 / 22

Basic Checklist:

  • SSL + Headers
  • Updates (Alerts or Auto)
  • Wordfence
  • Login Limit
  • 2FA (Two-Factor Authentication)
  • Password Strength
  • CDN (optional – to prevent DDOS and hotlinking)
  • Hide WP-admin (optional)
  • Disallow File-Editing
  • Whitelist Admin (optional)

Advanced (may mess with functionality):

  • Disabling PHP Execution in Specific Folders
  • Change the Default WordPress Database Prefix
  • Disable XML-RPC
  • Hide the WordPress Version
  • Manage File Permissions (755)
  • Disable PHP Error Reporting
  • More Details