Last active
September 28, 2022 05:25
-
-
Save voneff/f66128aaacd350294e8a to your computer and use it in GitHub Desktop.
WordPress: custom security measures for wp-config.php
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Custom Security Measures by @voneff | |
| # | |
| # Sources: | |
| # @link https://gist.github.com/voneff/f66128aaacd350294e8a | |
| # @link https://premium.wpmudev.org/blog/keeping-wordpress-secure-the-ultimate-guide | |
| # @link https://kinsta.com/blog/wp-config-php/ | |
| # @link https://kittpress.com/wordpress-sicherheit-2-erste-konfiguration/ | |
| # | |
| # Turn Off PHP Error Reporting: | |
| error_reporting(0); | |
| @ini_set(‘display_errors’, 0); | |
| # Disable the Plugin and Theme Editor: | |
| define( 'DISALLOW_FILE_EDIT', true ); | |
| # Activate minor WP Core updates | |
| define( 'WP_AUTO_UPDATE_CORE', 'minor' ); | |
| # Force SSL on Login and Admin Pages | |
| define( 'FORCE_SSL_LOGIN', true ); | |
| define( 'FORCE_SSL_ADMIN', true ); | |
| # Block External URL Requests: | |
| define( 'WP_HTTP_BLOCK_EXTERNAL', true ); | |
| define( 'WP_ACCESSIBLE_HOSTS', | |
| '*.wordpress.org, | |
| *.wordpress.com, | |
| *.geotrust.com, | |
| *.akismet.com, | |
| *.wordfence.com, | |
| ajax.googleapis.com, | |
| *.google-analytics.com, | |
| *.yoast.com, | |
| *.seedprod.com, | |
| wpml.org, | |
| *.wpml.org, | |
| d2salfytceyqoe.cloudfront.net, | |
| api.wp-types.com, | |
| d7j863fr5jhrr.cloudfront.net, | |
| api.wordpress.org, | |
| api.wpml.org, | |
| *.laikalaika.de, | |
| elegantthemes.com, | |
| *.elegantthemes.com, | |
| gravatar.com, | |
| *.gravatar.com' ); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks! You might want to change line 18 to:
define( 'WP_AUTO_UPDATE_CORE', 'minor' );it seems thatminoris string :)