Custom WordPress Theme Development (2022) #31 – Securing and Minimizing Risks on a WordPress Website
00:00 – 07:45 Securing wp-includes
07:48 – 15:11 Add WAF and Cloudflare DNS Servers
15:29 – 22:17 Setting file permissions on an FTP server
#Useful steps
1. Add WP Hardening
– Disable access to wp-includes – it otherwise shows all WordPress files on the server.
– Disable the file editor.
2. Add a WAF (web application firewall) – against DoS and DDoS attacks.
3. Add free DDoS mitigation on the live site with Cloudflare or another provider.
4. Make sure an SSL/TLS certificate is added to the website (HTTPS).
5. Set the right file permissions to stop hackers playing with the files.
#Useful Links
1. FileZilla
https://filezilla-project.org/
2. File Permissions Picture
https://www.getastra.com/blog/wp-content/uploads/2018/08/Wordpress-file-permission-2.png
3. What is DDoS mitigation?
https://www.cloudflare.com/learning/ddos/ddos-mitigation/
DDoS mitigation refers to the process of successfully protecting a targeted server or network from a distributed denial-of-service (DDoS) attack. By utilizing specially designed network equipment or a cloud-based protection service, a targeted victim is able to mitigate the incoming threat.
4. Manage DNS records – Cloudflare
https://developers.cloudflare.com/dns/manage-dns-records/how-to/create-dns-records/
5. Free DDOS Stresser
https://stresslab.sx/
6. (Krishna. A, 2021) – How to Fix WordPress File or Folder Permissions – Step by Step Procedure
‘r’ : Read
‘w’ : Write
‘x’ : Execute
Rate values
‘r’ : 4
‘w’ : 2
‘x’ : 1
-rwxr-xr-- = 754
rwx = 4 + 2 + 1 = 7
r-x = 4 + 1 = 5
r-- = rest of the world = 4
wp-content: 755
wp-content/uploads: 755
wp-includes:
wp-config.php: 400
For the rest of the files and folders
Folder : 755
Files : 644
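An added example (not from the video or its author) that applies the r = 4, w = 2, x = 1 arithmetic and audits a WordPress tree against the targets listed above. The helper names `symbolic_to_octal`, `audit` and `build_sample` are hypothetical, the sample tree is constructed, and since the page gives no value for wp-includes it is checked with the generic folder and file rule.

```python
import os
import stat
import tempfile

# Targets from the list above. wp-includes has no value on the page, so it
# falls under the generic folder/file rule here (assumption of this example).
DIR_MODE, FILE_MODE = 0o755, 0o644
SPECIAL = {"wp-config.php": 0o400}


def symbolic_to_octal(sym):
    """'rwxr-xr--' -> '754': r=4, w=2, x=1, summed per triplet."""
    if len(sym) != 9 or any(c not in (w, "-") for c, w in zip(sym, "rwx" * 3)):
        raise ValueError("expected 9 characters like 'rwxr-xr--'")
    bits = [w if c != "-" else 0 for c, w in zip(sym, (4, 2, 1) * 3)]
    return "".join(str(sum(bits[i:i + 3])) for i in (0, 3, 6))


def audit(root):
    """Return sorted (relative path, actual, expected) for each mismatch."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue  # a symlink's own mode bits are not meaningful
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            want = DIR_MODE if stat.S_ISDIR(mode) else SPECIAL.get(rel, FILE_MODE)
            if stat.S_IMODE(mode) != want:
                findings.append((rel, f"{stat.S_IMODE(mode):03o}", f"{want:03o}"))
    return sorted(findings)


def build_sample(root):
    """Constructed sample tree; three entries deviate from the targets."""
    os.makedirs(os.path.join(root, "wp-content", "uploads"))
    for rel, mode in [("wp-content/uploads/a.jpg", 0o644), ("index.php", 0o666),
                      ("wp-config.php", 0o644)]:
        open(os.path.join(root, rel), "w").close()
        os.chmod(os.path.join(root, rel), mode)
    os.chmod(os.path.join(root, "wp-content"), 0o755)
    os.chmod(os.path.join(root, "wp-content", "uploads"), 0o777)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(audit(tmp))
```

Pointing `audit` at a real document root only reads modes; it changes nothing on disk.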
by AndGoEdu