Skip to content

Instantly share code, notes, and snippets.

View amolvishwakarma's full-sized avatar
🎯
Never give up

amolvishwakarma amolvishwakarma

🎯
Never give up
View GitHub Profile
@amolvishwakarma
amolvishwakarma / Wp_hardening.txt
Last active March 30, 2023 07:37
Wordpress Security
1.) Changing File & Directory Permissions
Note: Run the below command from the shell and make sure to change the path where your wordpress installation done.
For Directories:
find /path/to/your/wordpress/install/ -type d -exec chmod 755 {} \;
For Files:
@amolvishwakarma
amolvishwakarma / .htaccess
Last active February 22, 2023 06:01
Best Security Practices For Apache/Nginx
<IfModule mod_headers.c>
# HSTS - force redirect to HTTPS at the browser level.
Header always set Strict-Transport-Security: "max-age=31536000; includeSubDomains; preload" env=HTTPS
# X-Xss-Protection
Header always set X-XSS-Protection "1; mode=block"
# Stop clickjacking by only allowing us to frame our own site
# Allowed values are DENY, SAMEORIGIN, ALLOW-FROM="https://example.com"