Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
wordpress:how-to-harden-wordpress-security [2015-01-07 02:00:32] rory.blanchard [.htaccess Rules] |
wordpress:how-to-harden-wordpress-security [2016-02-02 18:05:44] rory.blanchard [.htaccess Rules] |
||
---|---|---|---|
Line 2: | Line 2: | ||
Listed below are many changes that can be implemented on any host and will greatly increase the security of your wordpress installations. If your WordPress is already hacked, please send an e-mail to support@ndchost.com and we can assist you. | Listed below are many changes that can be implemented on any host and will greatly increase the security of your wordpress installations. If your WordPress is already hacked, please send an e-mail to support@ndchost.com and we can assist you. | ||
+ | |||
+ | ===== Enable WordPress auto updating ===== | ||
+ | |||
+ | In order to stay secure you should always use the latest version of WordPress. You can enable auto-updates by adding or changing a line in your wp-config.php file. | ||
+ | |||
+ | Add or change to match the following line: | ||
+ | |||
+ | < | ||
+ | define( ' | ||
+ | </ | ||
=====Limit Read Access with SuPHP===== | =====Limit Read Access with SuPHP===== | ||
- | **You must have the SuPHP module in apache installed to use this** | + | <note alert>**You must have the SuPHP module in apache installed to use this, SuPHP must also be selected as your PHP Handler**</ |
SuPHP allows you to run your processes as your User ID, which restricts access to files that only you should normally be able to access. This means that on a shared server, you can protect other sites under different users by locking down the permissions for each user's directory. | SuPHP allows you to run your processes as your User ID, which restricts access to files that only you should normally be able to access. This means that on a shared server, you can protect other sites under different users by locking down the permissions for each user's directory. | ||
Line 25: | Line 35: | ||
allow from 127.0.0.1 | allow from 127.0.0.1 | ||
deny from all | deny from all | ||
+ | errordocument 403 "This file is forbidden" | ||
</ | </ | ||
Line 31: | Line 42: | ||
allow from 127.0.0.1 | allow from 127.0.0.1 | ||
deny from all | deny from all | ||
+ | errordocument 403 "This file is forbidden" | ||
</ | </ | ||
</ | </ | ||
Line 67: | Line 79: | ||
Additionally, | Additionally, | ||
+ | |||
+ | [[https:// | ||
\\ | \\ | ||
\\ | \\ | ||
{{tag> | {{tag> |