This project focuses specifically on setting up and hardening a WordPress website. When it comes to security, there will be a range of “common” steps that need to be followed, but based on the target service or product, there will be additional exercises that should be completed to help reduce the attack surface and secure the application further.
We have documented a process similar to the one we followed when deploying and hardening the HackYour.Tech WordPress website. This is designed for readers to follow along and extract information that relates to their own circumstance. The projects chapters will include step by step style posts, following along with a locally deployment WordPress instance on a server we own. The scope of the project specifically focuses on WordPress and not the overall server.