https://premmerce.com/complete-woocommerce-security-review-issue-analysis/
https://www.malcare.com/blog/is-woocommerce-secure/
Change username
Strong password
Two-factor authentication (2FA)
Wordfence
SSL?
Salt keys
table_prefix
wp-config.php, set 600
@ini_set('display_errors', 0); in wp-config.php
In .htaccess:
*-**-**-**-**-**-**-**-**-**-**-**-*
<files wp-config.php>
order allow,deny
deny from all
</files>
*-*
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
*-*
Options -Indexes
*-*
<Files .htaccess>
order allow,deny
deny from all
</Files>
*-*
define('WP_DEBUG', false);
*-*
define('FORCE_SSL_ADMIN', true);
*-*
# <Directory> blocks belong in the server or vhost config, not in .htaccess
<Directory "/var/www/wp-content/uploads/">
<Files "*.php">
Order Deny,Allow
Deny from All
</Files>
</Directory>
*-*
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]
*-**-**-**-**-**-**-**-**-**-**-**-*
functions.php:
remove_action('wp_head', 'wp_generator');
Install plugin Block Bad Queries (BBQ)
Remove Readme.php root
Limit the number of authorization attempts
In WooCommerce, under Advanced, tick Force secure checkout
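
A way to check the wp-config.php items of this checklist automatically (added example, not part of the original notes). The function names and the FAIL output format are this example's own; it assumes the table_prefix item means "not the default wp_" and the salt keys item means the placeholder from wp-config-sample.php has been replaced.

```shell
#!/usr/bin/env bash
# Added example: audit wp-config.php against the checklist items.
# Function names and the FAIL output format belong to this example only.

S='[[:space:]]*'   # optional whitespace
Q="['\"]"          # a single or double quote

fail() { echo "FAIL: $*"; fails=$((fails + 1)); }

# has_define FILE NAME VALUE: true if FILE contains define('NAME', VALUE)
has_define() {
    grep -Eiq "^${S}define${S}\(${S}${Q}$2${Q}${S},${S}$3${S}\)" "$1"
}

# audit_wp_config FILE: prints one FAIL line per finding and returns
# the number of findings, so 0 means every check passed.
audit_wp_config() {
    cfg=$1
    fails=0
    [ -f "$cfg" ] || { fail "$cfg not found"; return 1; }

    # "wp-config.php, set 600" (GNU stat first, BSD stat as fallback)
    mode=$(stat -c '%a' "$cfg" 2>/dev/null || stat -f '%Lp' "$cfg")
    [ "$mode" = "600" ] || fail "mode is $mode, expected 600"

    has_define "$cfg" WP_DEBUG false       || fail "WP_DEBUG is not false"
    has_define "$cfg" FORCE_SSL_ADMIN true || fail "FORCE_SSL_ADMIN is not true"

    grep -Eq "ini_set${S}\(${S}${Q}display_errors${Q}${S},${S}${Q}?0" "$cfg" \
        || fail "display_errors is not switched off"

    # Assumption: the "table_prefix" item means "not the default wp_".
    if grep -Eq "^${S}\\\$table_prefix${S}=${S}${Q}wp_${Q}" "$cfg"; then
        fail "table_prefix is still the default wp_"
    fi

    # Assumption: the "Salt keys" item means the placeholder text from
    # wp-config-sample.php must be replaced with generated values.
    if grep -q 'put your unique phrase here' "$cfg"; then
        fail "salt keys still hold the sample placeholder"
    fi

    return "$fails"
}

# Audit the path given on the command line, if any.
if [ $# -gt 0 ]; then audit_wp_config "$1"; fi
```

Run it as `bash audit.sh /path/to/wp-config.php`; the exit status is the number of failed checks.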