Securing WordPress Sites

  • WordPress updates must be done in a controlled manner,monitored and verified.
  • You need to have some sort of process to scan the sites daily, and someone to perform remediation on what they find.
  • Perform daily scans against the WordPress repository for changed files. This is normally a sure sign that you have been infected.
  • Offsite Backups, backups, and backups. Hopefully you see the importance of backups.
  • Special .htaccess filtering and settings (these are can be server dependent and implemented in multiple ways depending on your situation)
  • Blacklist monitoring for the server IP. If you are black listed
  • Put all your sites on SMTP mail keep them off the server. There are any number of plugins that will do this.
  • Install and configure ClamAV to give you daily reports
  • Setup and configure Nagios for server monitoring.
  • Install and configure CFX . (Config Server is an tool we swear by)




Full Stack Builder of Things

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How a Malicious Password-Protected File Could Have Put an Insurance Company at Risk — But Didn’t

Connext x Immunefi $100k bounty program

CyberSploit2 CTF Walkthrough

SAFE Network April Monthly Round up

The Global Enterprise eGRC Market Value to Rise Significantly By 2026

Cyber Defense: Andrew Wright of Snyk on the 5 Things Every American Business Leader Should Do to…

Fastest external SSD gadgets for your Mac in 2021

What are digital identities and why are they relevant for the future?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Blake Howe

Blake Howe

Full Stack Builder of Things

More from Medium

The 7 Best Simple and Minimal WordPress Themes for 2022

Boosted Elements | WordPress Page Builder Add-on for Elementor

WordPress 5.9.1 released 23 Feb 2022 today

Top 10+ Best WordPress Website Builders? — Piotech INDIA

Top 10+ Best WordPress Website Builders? — Piotech INDIA