Configure iThemes Security

Within Global Settings:
Write to Files: Allow iThemes Security to write to wp-config.php and .htaccess
Set notification email and backup email to web@ address
Send Digest Email
Enable Blacklist Repeat Offender
Add Current IP to Whitelist
Enable Infinite WP Compatibility

Within Banned Users:
Enable Ban Lists

Within System Tweaks:
Protect System Files
Disable Directory Browsing
Disable PHP in Uploads

Within WordPress Tweaks:
Remove the Windows Live Writer header
Remove the RSD Header
Reduce comment spam
Disable XML-RPC (unless using Jetpack)
Block Multiple Authentication Attempts per XML-RPC Request
Protect System Files

We also change the login URL, which is especially important if the site has a history of malware. This is in the Advanced Tab as Hide Backend. In this setting, you can change the login URL to anything you would like.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.