Inserire alcuni comandi nel file .htaccess del proprio sito WordPress ne può migliorare notevolmente la sicurezza.

Specifichiamo di seguito alcuni comandi-tipo, fermo restando che la scelta di implementare ciascuna misura è soggettiva e va valutata caso per caso.

 

# limita l'accesso al file wp-config.php

<files wp-config.php>
order allow,deny
allow from 127.0.0.1
deny from all
errordocument 403 "This file is forbidden"
</files>

# limita l'accesso al file xmlrpc.php

<files xmlrpc.php>
order allow,deny
allow from 127.0.0.1
deny from all
errordocument 403 "This file is forbidden"
</files>

# limita l'accesso al file admin-ajax.php

<files admin-ajax.php>
order allow,deny
allow from 127.0.0.1
deny from all
</files>

# impedisce lo snooping dei file

Options -Indexes

# impedisce di accedere alle informazioni sugli autori

RewriteCond %{QUERY_STRING} author=\d
RewriteRule ^ /? [L,R=301]

 

 

Found this article interesting?
Subscribe to DomainRegister´s newsletter!

You can unsubscribe at any time by simply clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp s privacy practices here.

  • WordPress, security
  • 0 uporabniku/om je bi članek v pomoč
Vam je bil odgovor v pomoč?

Povezani članki

 How To Automatically Make Clickable URL in WordPress

If you need to put a URL in our WordPress content and make this content clickable, the default...

 Tiered backup storage model

For backup purposes there're several different tiers of available storage; the difference between...

 Windows Vulnerability - WannaCry (15/05/2017 Security Alert)

WannaCry ransomware attacks windows based machines. It also goes by the name WannaCrypt,...

 Come spostare WordPress in una directory differente

Talvolta può esser necessario dover spostare WordPress in una directory differente rispetto a...

 How to Check Which WordPress Version is installed

If you have access to the site, the best way to check which version of WordPress is installed is...