Forum Replies Created

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter cyang255

    (@cyang255)

    Hi bemdesign,

    I means there are many php plugins, mysql plugins, so I was wondering how would other more experiences WordPress developers use? What do you guys use? Does WordPress already support them in core? Sorry, I am really new to WP 4.3, so I need to a lot of reading to find out these “basic” stuff.

    Any suggestions on which plugin to use or API to call is very appreciated. Thanks.

    Thread Starter cyang255

    (@cyang255)

    We have leased a dedicated server, our vendor has installed firewall for us, it was so tight that something even filter out our own members for invalided login attempts.

    So, I am looking for idea to secure WordPress to make it harder to hack. Although we are none-profit organization and do not carry any credit card information, but it’s still not fun that your sites got hacked.

    So, any suggestions are very appreciated. What is the best practices for keeping WordPress secure as “Federal Reserve Bank”, LOL

    Thanks.

    Thread Starter cyang255

    (@cyang255)

    Ok, I found the problem. So stupid of me, it was the line under

    <Directory “/var/www/html/sites”>

    AllowOverride None

    must change to

    AllowOverride All

    After I changed the line, restart apache2 server then everything works now.

    Thread Starter cyang255

    (@cyang255)

    Ok, I did not answer the question correctly. The WP 4.3 is untared to /var/www/html/site/wpdemo directory.

    The apache httpd.conf has a entry – DocumentRoot “/var/www/html/sites”

    Here is part of the httpd.conf

    DocumentRoot “/var/www/html/sites”
    #
    # Relax access to content within /var/www.
    #
    <Directory “/var/www”>
    AllowOverride None
    # Allow open access:
    Require all granted
    </Directory>

    # Further relax access to the default document root:
    <Directory “/var/www/html/sites”>
    #
    # Possible values for the Options directive are “None”, “All”,
    # or any combination of:
    # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that “MultiViews” must be named *explicitly* — “Options All”
    # doesn’t give it to you.
    #
    # The Options directive is both complicated and important. Please see
    # https://httpd.apache.org/docs/2.4/mod/core.html#options
    # for more information.
    #
    Options Indexes FollowSymLinks

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be “All”, “None”, or any combination of the keywords:
    # Options FileInfo AuthConfig Limit
    #
    AllowOverride None

    #
    # Controls who can get stuff from this server.
    #
    Require all granted
    </Directory>

    Thread Starter cyang255

    (@cyang255)

    Hi Frans,

    First, I installed WP 4.3 on AWS, and it’s in the root directory of /var/www/html/sites/wpdemo

    Here is the .htaccess

    RewriteEngine On
    RewriteBase /wpdemo/
    RewriteRule ^index\.php$ – [L]

    # add a trailing slash to /wp-admin
    RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^ – [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
    RewriteRule . index.php [L]

Viewing 5 replies - 1 through 5 (of 5 total)