Make wordpress more secure

May 22, 2017

This is a log that I secured WordPress.

Environment

CentOS 7.3.1611 (Using VPS)
PHP7
Mysql
Apache 2.4
Wordpress 4.7.5

 

 

1.Hide wp-config.php and .htaccess

1-1. Edit .htaccess

Move to wordpress directory

Edit .htaccess

Access to /wp-config.php. Once Forbidden is shown, success.

 

2.Disable file editing

2-1. Edit wp-config

 

3.Hide wordpress version

3-1. Edit functions.php

 

4.Change permissions

4-1. Set 755 to all directories

4-2. Set 644 to All files

4-3. Set 400 t0 wp-config.php