security - Read For Learn

how to protect wordpress content from crawler

The one I use a lot is Defender Pro by WPMUDEV but its not a cheap solution. https://premium.wpmudev.org/project/wp-defender/

Is it safe to use the basic administration with reduced rights for private member space

indeed from your question is not entirely clear what are you trying to achieve. However wordpress gives you the option to create custom roles and capabilities. If you follow that native wordpress path, you should not be concerned about security. check if the role exists IFF not add the role and capibilities Make sure to … Read more

HSTS header not being added correctly

After limiting the access to my wp-login.php by IP through .htaccess, all my password-protected posts stopped working. What’s the best solution now?

Monitor wordpress all external calls

Uploading attachment (pdf) and prevent download for anonymous user

i moved wp-config.php outside of public html and this broke my website

Are major WordPress updates mandatory for security?

Yes and no, it depends. When a security issue is fixed, it’s usually backported, so officially the answer is no, you don’t have to update to the latest major release. However Backporting only goes back so far though, and you’ll eventually be left in the dark given enough time. This would take many years currently, … Read more

Secure Server after configuration

Have a look at this excellent question and answers on Server Fault that discusses how to secure your LAMP stack. Make sure your FTP user can only access the directories you want. Setup sudo to allow a non root user to run commands as root. Lock down your ssh so that root cannot log in … Read more

+ More