WordPress Best Practice

  • Is there any documentation on best practices when setting up FTP to a remote Linux machine for WordPress?

    We have a self hosted Linux server we are running WordPress on. This machine will host multiple WordPress sites under a specific directory with Apache. We are looking for something that will explain the best way or most secure way to set up the FTP account.

Viewing 1 replies (of 1 total)

  • I don’t think the question is related to WP specifically. It’s more of server administration related topic.

    Anyways, I would always give users only SFTP or FTPS, never allow FTP for obvious reason that the transmission is not encrypted. If you are going to host the WP sites all together as shared hosting (not VPS) and will give out SFTP, then chroot is a must.

    And instead of using the default port 21 for SFTP, I would change to something else so the brutal force bots won’t pound on it. If it’s not a hassle for you, the best solution I guess is passwordless logins:

    https://www.debian-administration.org/articles/152

Viewing 1 replies (of 1 total)
  • The topic ‘WordPress Best Practice’ is closed to new replies.