Custom WordPress Theme Development (2022) #31 – Securing and Minimizing risks on WordPress Website .
00:00 07:45 Securing wp-includes
07:48 15:11 Add WAF and CloudFlare DNS Servers
15:29 22:17 Setting file permissions in an ftp server
#Useful steps .
1. Add WP Hardening
– Disable access to wp-includes – shows all word press files in the server.
– Disable file editor.
2. WAF (Web application firewall) – against dos and ddos attacks.
3. Add FreeDDOS Mitigation on live site by cloudflare. or other providers .
4. Make sure ssl/tls certifcate is added to webstite (https).
5. Set Right File Permissions to avoid hackers playing with these.
#Useful Links
1. FileZilla
https://filezilla-project.org/
2. File Permissions Picture
https://www.getastra.com/blog/wp-content/uploads/2018/08/Wordpress-file-permission-2.png
3. What is DDoS mitigation?
https://www.cloudflare.com/learning/ddos/ddos-mitigation/
DDoS mitigation refers to the process of successfully protecting a targeted server or network from a distributed denial-of-service (DDoS) attack. By utilizing specially designed network equipment or a cloud-based protection service, a targeted victim is able to mitigate the incoming threat.
4. Manage DNS records – CloudFlare
https://developers.cloudflare.com/dns/manage-dns-records/how-to/create-dns-records/
5. Free DDOS Stresser
https://stresslab.sx/
6.(Krishna. A, 2021) – How to Fix WordPress File or Folder Permissions – Step by Step Procedure – From :
How to Fix WordPress File or Folder Permissions – Step by Step Procedure
‘r’ : Read
‘w’ : Write
‘x’ : Exceute
–r = rest of the world = 4
Rate values
‘r’ : 4
‘w’ : 2
‘x’ : 1
=
-rwx-xr– = 754
rwx = 4 + 2 + 1 = 7
xr = 4+1 = 5
— = 4
wp-content: 755
wp-content/upload: 755
wp-includes:
wp-config.php: 400
For rest of files and folder
Folder : 755
Files : 644
by AndGoEdu
linux ftp server
