Best Way to Lock-Down Non-Updated WordPress Site?

  • Quick question that I hope will have a quick answer: I have a WordPress blog (www.twoinchview.com) that I’m no longer updating, but I’d like to keep it up for archival purposes. I don’t want to have to keep updating WordPress every version though – so I didn’t, and it got hacked (the homepage has a bunch of junk links on it). Once I upgrade to the latest version of WordPress, is there a way to put the site in “lockdown” mode, or a read-only mode that would make it secure to leave alone?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    You might not like the answer. Make a static copy and replace the WordPress install with the static copy.

    First clean up your hacked version. Once you’ve cleaned it up make a mirror copy using wget. 

    wget -m https://www.example.com/

    Move the dynamic WordPress somewhere off of the web server and replace it with the static copy. That way people will be able to see what was, but there will be no dynamic content or PHP to exploit.

    Comments will not work, search wont work etc. but you’ll get a locked down historical copy of your web site.

    Edit: double check the wget arguement, -m might be not quite correct.

    Thread Starter jasondunn

    (@jasondunn)

    Thanks for the insight – I’ll look into it…

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Best Way to Lock-Down Non-Updated WordPress Site?’ is closed to new replies.