Make wordpress more secure

May 22, 2017

This is a log that I secured WordPress.


CentOS 7.3.1611 (Using VPS)
Apache 2.4
Wordpress 4.7.5



1.Hide wp-config.php and .htaccess

1-1. Edit .htaccess

Move to wordpress directory

Edit .htaccess

Access to /wp-config.php. Once Forbidden is shown, success.


2.Disable file editing

2-1. Edit wp-config


3.Hide wordpress version

3-1. Edit functions.php


4.Change permissions

4-1. Set 755 to all directories

4-2. Set 644 to All files

4-3. Set 400 t0 wp-config.php