I need to protect the sites with a .htaccess
changing the permissions of some folders and files
definitely change the way to work and make some special mental changes for coding inside WordPress
- DesktopServer – There are a variety of tools for creating local WordPress sites. In my opinion, the best tool is Vagrant, but the easiest and second best is DesktopServer. Vagrant is an automated system for creating and managing complete server environments in a virtual machine. DesktopServer creates a server for you using XAMMP, using a simple GUI.
- SourceTree – A free, easy to use and very powerful GUI tool for Git.
- Private BitBucket Git Repository – While most of the time the only truly sensitive information in a WordPress install is in the wp-config file, which I don’t include in my Git repository, I keep whole sites in private repos, which are free from Bitbucket. Open-sourcing your entire site might make sense, but it’s something to think through thoroughly before doing so, and erring on the side of caution is a good policy, especially when doing client work.
- WP Migrate DB Pro – While Git can keep all of the site’s files in sync between environments, a different tool is required for keeping the MySQL databses in sync. WP Migrate DB Pro is an excellent plugin that automates this process.
- Web Hosting With Git – More and more these days, even shared hosting offers Git preinstalled and SSH access. If your shared host doesn’t offer these features, I recommend you get a new one as Git and SSH are essentials for modern web development. Many hosts, such as WP Engine and Site Ground, now offer Git as a standard feature in their lower-end hosting packages.
….The principal principal is allow all the files inside a GIT repository.
If you have any problem just set -> git status for check the last modifications and if you did not agree with this or is rare set -> git commit -ament
Yes all the input way of information need to be tracked or in some cases removed
How to Completely Disable Comments
There some importat services who offer a god service for check out the malware and other bad things of out wordpress
recently i installed the plugin in my wordpress and is also!
Way for improve the site charge http://kb.mediatemple.net/questions/1567/Compressing+web+pages+with+mod_deflate#dv
Finally block the ip from the site who are hacked your page , here a list from country of put inside iptables
Some instructions for working with hacked or compromised website
- What steps can I take to prevent my service from being hacked?
- I’ve been hacked. What can I do?
- More General Tips
- Use Strong Passwords
- Use Secure Protocols
- Maintain Regular Backups
- Harden your PHP Settings
- Working with third-party applications
Finally install a firewall aplication package for improve the quality in iptables and make the security a premise into all operations of the wordpress administration servers.