How can I create a private site that is inaccessible from the outside?

My security solutions so far:

WordPress

  • Make all new posts private (in WordPress)
  • Don’t use any modules, the more third party software I add the less secure the repo becomes
  • Two factor authentication ( this would break the no third party module rule above)

Apache

  • Force https (in .htaccess)
  • Protect web repository using .htpasswd (in .htpasswd)
  • Two factor authentication (not sure if it can be done on a server level? )
  • Allow access to server only from my country (in .htaccess)

Related Posts:

  1. Improve wordpress security by hiding non public resources
  2. Does this .htaccess security setting really work?
  3. File and directory permissions
  4. Using “wordpress_logged_in” to restrict direct access to uploads folder in 2021
  5. WordPress URL/Folder ReWrite using Htaccess
  6. Which WordPress scripts need to be executable for a fresh installation?
  7. Blocking access to wp-login via htaccess not working
  8. Attach to wp-login.php and xmlrpc.php
  9. XMLRPC filtering through htaccess not working
  10. Restricting user login by IP address
  11. WordPress: Adding Security
  12. How do I test to ensure that my wp-config file is protected?
  13. WordPress not seeing .htaccess rules
  14. Rules in .htaccess only if the requested URL is /wp-admin
  15. Disable directory browsing of uploads folder
  16. Strange behaviour of is_user_logged_in() and get_current_user_id()
  17. Selectively Disabling PHP via .htaccess in Root Directory
  18. Should I prevent access to .htaccess and wp-config.php files?
  19. Blocking wp-login in HTACCESS has also blocked password protected pages
  20. Basic Auth .htaccess on wp-login, but allow logout from woocommerce
  21. Using htaccess to prevent spam through wp-comments-post.php
  22. Restrict Content for only Contributors via .htaccess
  23. Allowing access to certain WordPress created pages or posts with htaccess / htpasswd
  24. Change Login URL Without Plugin
  25. htaccess rewrite conflict with wordpress rules and ssl
  26. Plugin to edit htaccess file
  27. Options for restricting access to wp-admin
  28. Remove year and month in URL using .htaccess
  29. Unable to access WP admin
  30. Move wordpress to folder without changing urls
  31. Using WordPress only for the backend, and using AngularJS as a frontend
  32. Two domains on one WordPress Installation
  33. Protect Upload Folder Files With Ampersand Problem
  34. Is it possible to dynamically redirect URL using htaccess?
  35. .htaccess and WordPress Admin Bar
  36. Setup Permanent 301 Redirects after moving to Https [closed]
  37. Force www to non-www on a subdomain in WordPress?
  38. How to Redirect huge numbers of URLs to another URLs?
  39. WP site URL changed to have HTTPS but still homepage does not redirect
  40. Struggling with add_rewrite_rule
  41. Giving WordPress its own subdirectory – nginx
  42. Cannot mask WordPress page URL using .htaccess
  43. How can I make an htaccess file on a Mac? [closed]
  44. .htaccess ‘down for maitenance’ and WordPress
  45. WordPress overrides custom 404 page with it’s own
  46. New installation can’t be found due to htaccess of the original non-WordPress site
  47. Fixing custom 404 pages broken by WordPress in a subdirectory
  48. Case insensitive header params for API request
  49. 301 Redirect domain Sub-folders to Subdomain subfolder
  50. Drawbacks to using Options -Indexes
  51. Override 404 page with htaccess
  52. Htaccess Rewrite reverts to default .htaccess file
  53. what could cause the htaccess file to be modified?
  54. change permalink structure with htaccess without SEO impact
  55. How to Change The WordPress Login URL Without Plugin
  56. Site in subfolder – all pages work except home
  57. Can’t upload .htaccess after editing in notepad
  58. Directing subdomain to main domain and keeping the subdomain format with .htaccess
  59. Remove /sites/25/ from image URLS
  60. How disable canonical redirect wp-signup
  61. .htaccess RewriteRule always overwritten – how to prevent?
  62. Forcing HTTPS with WordPress on AWS
  63. WordPress Example Code for Blocking Referrer Spam
  64. How could a .htaccess with authentication suddenly appear or change?
  65. Force non-ssl on WordPress RSS feeds in htaccess, using cloudflare
  66. Password protect directory but not files
  67. Protect wp-login, but get an internal server error
  68. Local wordpress install only shows home page, all other pages Not Found
  69. WordPress is rewrite my htacces file. I adding a font rule
  70. Redirect within wordpress template/plugin
  71. Redirect wrong links WordPress
  72. fix 302 redirection error on https
  73. main-domain of wordpress keep redirecting to subdomain
  74. Accepting special characters in querystring
  75. Centos 7.2 wordpress on going to /admin shows Forbidden You don’t have permission to access /wordpress/wp-admin/ on this server
  76. Multiple wordpress installations on same server
  77. Cannot access subdirectory subpages
  78. WordPress constantly running out of memory
  79. How can I create a smarter .htaccess file that will add a directory?
  80. .htaccess found in every folder
  81. Help with htaccess querystring rewrite
  82. How do I properly redirect requests to WordPress subdirectory?
  83. Redirect default pagination page to template page’s pagination
  84. Install second wordpress in root subfolder, Error 404
  85. Leverage browser caching
  86. WordPress URL not working?
  87. How to direct users to a subcatalog
  88. .htaccess redirects for posts in new directory and new domain
  89. How to block wordpress admin by htaccess
  90. htaccess conflict between WordPress and password protected subdirectory
  91. Using subdomain as primary domain
  92. Redirect from domain.com to subdomain.domain.com
  93. MAMP.app & .htaccess – Can’t override after config
  94. register_post_type and register taxonomy and htaccess
  95. Why ‘Authorization Required’ is coming on wordpress login
  96. Restricting direct downloads of wp content files, but allow them on the website.
  97. Forward blog requests to another URL
  98. Couple questions about .htaccess, login page, updates
  99. .htaccess rewrite rule stopped working for wordpress site after moving server
  100. .htaccess seems to be required but I can not find it
techhipbettruvabetnorabahisbahis forumutaraftarium24edueduseduseduseduseduedusedueduedu