Security concerns
Every dynamic web site has security concerns. This site is my private project and I don’t want to worry about that every day. So, I want to reduce the risks.
I read the article https://wordpress.org/support/article/hardening-wordpress/ and adopted the following:
- Securing ‘wp-includes’ and ‘wp-config.php’ with ‘.htaccess’.
- Disable File Editing
- Delete plugins. As for anti-spam, I will go into that when a spammer catches my site.
- Security through obscurity. Trackback and XML-RPC are features that I don’t use now, so I deny them with ‘.htaccess’. I think changing the entry point of comments is also effective for reducing spam. But the updating process may become complicated.
- As for logging and monitoring, I should study more.
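
A `.htaccess` sketch of the file-level items in the list above, added here as an example and not the configuration actually used on this site. It assumes Apache 2.4 with mod_authz_core and mod_rewrite, WordPress installed in the document root, and `AllowOverride` permitting these directives.

```apache
# Added example. Put these rules ABOVE the "# BEGIN WordPress" marker:
# WordPress may rewrite everything between its markers, and its own rule
# routes requests to index.php before later rules would get to run.

# wp-config.php holds database credentials and secret keys; never serve it.
<Files "wp-config.php">
    Require all denied
</Files>

# XML-RPC and the trackback endpoint are unused on this site.
<FilesMatch "^(xmlrpc|wp-trackback)\.php$">
    Require all denied
</FilesMatch>

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /

    # Pretty-permalink trackback URLs (/some-post/trackback/) are handled by
    # index.php, so the <FilesMatch> above does not cover them.
    RewriteRule (^|/)trackback/?$ - [F,L]

    # Include-only PHP files are not meant to be requested directly.
    RewriteRule ^wp-admin/includes/ - [F,L]
    # Skip the next three rules for anything outside wp-includes/.
    RewriteRule !^wp-includes/ - [S=3]
    RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
    RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
    RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>
```

File editing is disabled separately, in `wp-config.php`, with `define( 'DISALLOW_FILE_EDIT', true );`. Once the rules are in place, requests for `/wp-config.php`, `/xmlrpc.php` and `/wp-trackback.php` should return 403 while the rest of the site keeps working.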