I run a bunch of sites using WordPress multisite in a very competitive industry. I recently refused to give a competitor backlinks and he threatened to ‘take my sites down’.
While I know they are just empty threats I wanted to find out if there is anything more I might need to do to protect my sites. I have been using WordPress for the past 5 years and this is my current setup.
1. I use cloudways to host the sites on a single multisite. Most of the sub sites are just cctlds and other language versions.
2. I use Astra with Kadence blocks as my pagebuilder.
3. I use very few and necessary plugins and I keep them all up to date.
4. For security I just use Wordfence premium.
5. I use perfmatters to disable xmlrpc and to hide the default login.
6. I also use the cloudflare enterprise offered by cloudways for the WAF and bot protection.
What more can I do to keep the site secure from any hacking or ddos attempts?
Thank you in advance!
[ad_2]
Are you taking any automated backups? Backup your Cloudways server and your WordPress install daily if you can. Preferably with offsite backups not on the same server/site. And remember to test the restoring method every once in a while too.
Look in your private messages. I don’t want to advertise and get blocked.
You’re missing strong, unique, passwords from your list – that (along with regular updates) is the most important thing.
The douche probably doesn’t have the technical knowledge to get past what you already do. It doesn’t take much technical knowledge to set up a DDOS attack these days though. I think CF will save you there though.