aydinjavadly/wp-config.php

## wp-config.php
<?php
/**
 * File: wp-config.php
 *
 * 1. X-Frame-Options Header in Wordpress
 * 2. Cookie with HTTPOnly and Secure flag in Wordpress
 * 3. Secure connection
 * 4. Cleanup image edits
 * 5. Disable plugin and theme update and installation
 * 6. Disable the plugin and theme editor
 * 7. Disallow unfiltered content
 * 8. Disallow unfiltered uploads
 * 9. Disable load scripts for prevent DDOS attacks
 * 10. Enable auto security update
 * 11. Redirect nonexistent blogs
 * 12. Enable auto security update
 * 13. Block external url requests
 *
 */

/** wp-config.php / X-Frame-Options Header in Wordpress */
header( 'X-Frame-Options: SAMEORIGIN' );

/** wp-config.php / Cookie with HTTPOnly and Secure flag in Wordpress */
@ini_set( 'session.cookie_httponly', true );
@ini_set( 'session.cookie_secure', true );
@ini_set( 'session.use_only_cookies', true );

/** wp-config.php / Secure connection */
define( 'FTP_SSL', true );

/** wp-config.php / Cleanup image edits */
define( 'IMAGE_EDIT_OVERWRITE', true );

/** wp-config.php / Disable plugin and theme update and installation */
define( 'DISALLOW_FILE_MODS', true );

/** wp-config.php / Disable the PLUGIN AND THEME EDITOR */
define( 'DISALLOW_FILE_EDIT', true );

/** wp-config.php / Disallow unfiltered content */
define( 'DISALLOW_UNFILTERED_HTML', true );

/** wp-config.php / Disallow unfiltered uploads */
define( 'ALLOW_UNFILTERED_UPLOADS', false );

/** wp-config.php / Disable load scripts for prevent DDOS attacks */
define( 'CONCATENATE_SCRIPTS', false );

/** wp-config.php / Enable auto security update */
define( 'WP_AUTO_UPDATE_CORE', 'minor' );

/** wp-config.php / Redirect nonexistent blogs */
define( 'NOBLOGREDIRECT', WP_HOME );

/** wp-config.php / Block external url requests */
define( 'WP_HTTP_BLOCK_EXTERNAL', true );
define( 'WP_ACCESSIBLE_HOSTS', 'api.wordpress.org,*.github.com' );
	<?php
	/**
	* File: wp-config.php
	*
	* 1. X-Frame-Options Header in Wordpress
	* 2. Cookie with HTTPOnly and Secure flag in Wordpress
	* 3. Secure connection
	* 4. Cleanup image edits
	* 5. Disable plugin and theme update and installation
	* 6. Disable the plugin and theme editor
	* 7. Disallow unfiltered content
	* 8. Disallow unfiltered uploads
	* 9. Disable load scripts for prevent DDOS attacks
	* 10. Enable auto security update
	* 11. Redirect nonexistent blogs
	* 12. Enable auto security update
	* 13. Block external url requests
	*
	*/

	/** wp-config.php / X-Frame-Options Header in Wordpress */
	header( 'X-Frame-Options: SAMEORIGIN' );

	/** wp-config.php / Cookie with HTTPOnly and Secure flag in Wordpress */
	@ini_set( 'session.cookie_httponly', true );
	@ini_set( 'session.cookie_secure', true );
	@ini_set( 'session.use_only_cookies', true );

	/** wp-config.php / Secure connection */
	define( 'FTP_SSL', true );

	/** wp-config.php / Cleanup image edits */
	define( 'IMAGE_EDIT_OVERWRITE', true );

	/** wp-config.php / Disable plugin and theme update and installation */
	define( 'DISALLOW_FILE_MODS', true );

	/** wp-config.php / Disable the PLUGIN AND THEME EDITOR */
	define( 'DISALLOW_FILE_EDIT', true );

	/** wp-config.php / Disallow unfiltered content */
	define( 'DISALLOW_UNFILTERED_HTML', true );

	/** wp-config.php / Disallow unfiltered uploads */
	define( 'ALLOW_UNFILTERED_UPLOADS', false );

	/** wp-config.php / Disable load scripts for prevent DDOS attacks */
	define( 'CONCATENATE_SCRIPTS', false );

	/** wp-config.php / Enable auto security update */
	define( 'WP_AUTO_UPDATE_CORE', 'minor' );

	/** wp-config.php / Redirect nonexistent blogs */
	define( 'NOBLOGREDIRECT', WP_HOME );

	/** wp-config.php / Block external url requests */
	define( 'WP_HTTP_BLOCK_EXTERNAL', true );
	define( 'WP_ACCESSIBLE_HOSTS', 'api.wordpress.org,*.github.com' );