https://premmerce.com/complete-woocommerce-security-review-issue-analysis/
https://www.malcare.com/blog/is-woocommerce-secure/

change username
Sterk wachtwoord
2factor authenticatie (2fa)
wordfence
SSL?
Salt keys
table_prefix
wp-config.php, set 600
@ini_set(‘display_errors’, 0); in wp_config

In .htacces:
*-**-**-**-**-**-**-**-**-**-**-**-*
<files wp-config.php>
order allow,deny
deny from all
</files>

*-*
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ – [F,L]
RewriteRule !^wp-includes/ – [S=3]
RewriteRule ^wp-includes/[^/]+.php$ – [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+.php – [F,L]
RewriteRule ^wp-includes/theme-compat/ – [F,L]

*-*
Options All -Indexes

*-*
<Files .htaccess>
order allow,deny
deny from all
</Files>

*-*
define (‘WP_DEBUG’, false);

*-*
define (‘FORCE_SSL_ADMIN’, true);

*-*
<Directory “/var/www/wp-content/uploads/”>
<Files “*.php”>
Order Deny,Allow
Deny from All
</Files>
</Directory>

*-*
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]

*-**-**-**-**-**-**-**-**-**-**-**-*

functinos:
remove_action (‘wp_head’, ‘wp_generator’);

Install plugin Block Bad Queries (BBQ)

Remove Readme.php root

114.119.160.0/21
159.69.189.212
185.172.148.65
185.172.148.66
216.244.66.202
216.244.66.247
68.70.200.65
95.217.0.0/16

Limit the number of authorization attempts

in Woocommerce onder Advanced aanvinken Force secure checkout