WordPress Security

Harden WordPress with fail2ban and strict Nginx rules. Add rate limits and simple tooling to spot and block abusive traffic.

This lesson is brought to you by Cherry Servers: a wide range of dedicated and virtual servers at a great price, with fast delivery and outstanding 24/7 human support.

Note: This module is being worked on. Below is the lesson plan you can expect.

• Identifying common attack vectors for WordPress
• Using fail2ban for WordPress login bruteforce protection
• Denying access to sensitive files with Nginx
• Rate-limiting PHP execution
• Writing a helper script to identify bad actors from server logs
• Using a script to quickly ban IPs
• Using a script to deny access to URL patterns
• Installing and running ClamAV for malware scanning

Next module: Backups