How can I create a private site that is inaccessible from the outside?

My security solutions so far:

WordPress

  • Make all new posts private (in WordPress)
  • Don’t use any modules, the more third party software I add the less secure the repo becomes
  • Two factor authentication ( this would break the no third party module rule above)

Apache

  • Force https (in .htaccess)
  • Protect web repository using .htpasswd (in .htpasswd)
  • Two factor authentication (not sure if it can be done on a server level? )
  • Allow access to server only from my country (in .htaccess)

Related Posts:

  1. Improve wordpress security by hiding non public resources
  2. Does this .htaccess security setting really work?
  3. File and directory permissions
  4. Using “wordpress_logged_in” to restrict direct access to uploads folder in 2021
  5. WordPress URL/Folder ReWrite using Htaccess
  6. Which WordPress scripts need to be executable for a fresh installation?
  7. Blocking access to wp-login via htaccess not working
  8. Attach to wp-login.php and xmlrpc.php
  9. XMLRPC filtering through htaccess not working
  10. Restricting user login by IP address
  11. WordPress: Adding Security
  12. How do I test to ensure that my wp-config file is protected?
  13. WordPress not seeing .htaccess rules
  14. Rules in .htaccess only if the requested URL is /wp-admin
  15. Disable directory browsing of uploads folder
  16. Strange behaviour of is_user_logged_in() and get_current_user_id()
  17. Selectively Disabling PHP via .htaccess in Root Directory
  18. Should I prevent access to .htaccess and wp-config.php files?
  19. Blocking wp-login in HTACCESS has also blocked password protected pages
  20. Basic Auth .htaccess on wp-login, but allow logout from woocommerce
  21. Using htaccess to prevent spam through wp-comments-post.php
  22. Restrict Content for only Contributors via .htaccess
  23. Allowing access to certain WordPress created pages or posts with htaccess / htpasswd
  24. Security headers disappear on WordPress pages
  25. Why is this line of code Wrong in every WordPress .Htaccess security article?
  26. How to redirect all HTTP requests to HTTPS
  27. Best collection of code for your .htaccess file [closed]
  28. Default .htaccess file for WordPress?
  29. Which one does WordPress prioritize when it comes to php.ini, wp-config and .htaccess?
  30. Security and .htaccess
  31. WordPress site hacked. Has .htaccess been hacked?
  32. htaccess problem after saving Settings
  33. Protecting direct access to PDF and ZIP unless user logged in (without plugin)
  34. Stop WordPress and Plugins from Overwriting .htaccess
  35. Change Login URL Without Plugin
  36. htaccess disable WordPress rewrite rules for folder and its contents
  37. htaccess rewrite conflict with wordpress rules and ssl
  38. htaccess https redirect from www to non-www
  39. What does a security risk in a plugin look like?
  40. Htaccess for Wordpess set on single subdomain
  41. Securing wp-admin folder – Purpose? Importance?
  42. adding rewrite rules in .htaccess
  43. .htaccess and 500 error, extra character added
  44. Name-based virtual host configuration in Apache seems to cause a “500 Internal Server Error”
  45. Place static HTML files in path below WordPress page
  46. Static raw HTML page
  47. WordPress + Magento .htaccess ReWriteRule Issue (www vs. non-www)
  48. Plugin to edit htaccess file
  49. htaccess rewrite for author query string when WP is in subfolder
  50. Why “Settings->Permalinks” creates .htaccess file on nginx server?
  51. .htaccess for wordpress inside another wordpress install
  52. .htaccess file redirecting to parent directory
  53. Blog.php or how to display recent posts?
  54. Options for restricting access to wp-admin
  55. Rewrite /?rest_route=/ link to /wp-json/ without changing default permalink structure in apache
  56. Globally force SSL on all pages
  57. Serve apache 404 for missing assets rather then wp 404 template WP_Rewrites
  58. Isolating WordPress to a subfolder
  59. Remove year and month in URL using .htaccess
  60. index.php not loading in main folder of wordpress
  61. Admin-Ajax.php, SSL, Non-SSL
  62. How to Block Access to Standard Login Flow and Comment Flow
  63. How disable SSL redirect for specific URL?
  64. WordPress site displaying 404 for any page apart from index
  65. Which ways can be used to log in to WordPress?
  66. Why does the header set X-Robots-Tag apply to all pages?
  67. Permalinks not working on second wordpress installed in a subdirect
  68. How to avoid wordpress permalink rules to inherit in a sub-folder
  69. How to change “wp-admin” to something else without search-replacing the core?
  70. Error:406 not acceptable
  71. Unable to access WP admin
  72. .htaccess Rewrite URL WordPress
  73. Move wordpress to folder without changing urls
  74. Rewrite rule not working
  75. A plugin changes my .htaccess file and I can’t access httpd.conf as that’s a shared server
  76. Cant block wordpress readme files
  77. Change wp-content without changing the name of the folder
  78. 404/500 error on /wp-json
  79. WordPress keeps deleting .htaccess file
  80. Correct htaccess to display page while also passing in GET parameters
  81. What is the role of .htaccess file in WordPress?
  82. Will WordPress username displayed somewhere in the site?
  83. Using WordPress only for the backend, and using AngularJS as a frontend
  84. Temporary .htaccess blocking is disabling WP Crons from running?
  85. Block access to wp-admin
  86. How to restrict access to wp-content, wp-includes and all sub-folders
  87. Two domains on one WordPress Installation
  88. .htaccess redirects disappeared after re-saving permalinks
  89. Protect Upload Folder Files With Ampersand Problem
  90. How have I misconfigured basic auth for my wordpress site?
  91. Remove File Extension for Page Outside of WordPress
  92. Is it possible to dynamically redirect URL using htaccess?
  93. How can I code my plugin to safely modify .htaccess?
  94. Prevent users from browsing through the media galleries
  95. .htaccess for wordpress in separate folder
  96. How to modify the .htaccess to force ssl on login and admin pages
  97. WordPress trims off the forward slash when import
  98. WordPress mod_rewrite is canceling/overwriting my other mod_rewrite rule
  99. .htaccess and WordPress Admin Bar
  100. WordPress best solution shared theme for consumers and businesses (two url’s one instaltion)
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)