After reading a post on weblogtoolscollection.com about checklists for WordPress installs.
Note: This list offers some pointers for your WordPress install, nothing else, and it is subject to change.
- Change the table prefix from the default one for your WordPress installation (wp-config.php file) to mitigate zero-day SQL injection attacks.
- To your theme's functions.php file, add (for security reasons):
<?php remove_action('wp_head', 'wp_generator'); // hide the WordPress version meta tag ?>
- To the .htaccess file in your WordPress main directory, add (for security reasons):
# Disable directory listings
Options -Indexes
- Edit permalinks to:
- Delete WordPress test data: post, comment, page, links.
- Rename the default post and link categories to names of your liking.
- Create another admin-level user, then rename or delete the default WordPress user, admin (security reasons).
- Add a robots.txt file to your WordPress root directory.
- Post management:
- By default, WordPress saves every post revision. After a while that takes up a lot of space and clogs your database. It is possible to tell WordPress to turn off post revisions (wp-config.php):
But there are times you need that functionality. To get the most out of both sides, I use GD Press Tools. Among its other functionality, it allows deleting old post revisions on demand.
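
The file-based items in the list above (table prefix, generator tag, directory listings, robots.txt) can be checked with a short script. This is an added example, not part of the original post; the function name, the finding labels and the throwaway sample install are assumptions made for illustration, and the database-side items (default admin user, test data) are not covered.

```python
import re
import tempfile
from pathlib import Path

def _read(path):
    """Return the file's text, or an empty string if it does not exist."""
    return path.read_text(errors="replace") if path.is_file() else ""

def audit_wordpress(root, theme_dir):
    """Return the file-based checklist items the install still fails."""
    root, theme_dir = Path(root), Path(theme_dir)
    findings = []

    # Table prefix: wp-config.php must set $table_prefix to something other than "wp_".
    m = re.search(r"^\s*\$table_prefix\s*=\s*['\"]([^'\"]*)['\"]",
                  _read(root / "wp-config.php"), re.M)
    if m is None or m.group(1) == "wp_":
        findings.append("default table prefix")

    # Version disclosure: functions.php should unhook wp_generator from wp_head.
    # Lines that are only a // or # comment are skipped so a disabled call does not count.
    php = "\n".join(l for l in _read(theme_dir / "functions.php").splitlines()
                    if not l.lstrip().startswith(("//", "#")))
    if not re.search(r"remove_action\s*\(\s*['\"]wp_head['\"]\s*,\s*['\"]wp_generator['\"]", php):
        findings.append("wp_generator not removed")

    # Directory listings: an active Options directive must carry -Indexes.
    rules = [l.split() for l in _read(root / ".htaccess").splitlines()
             if l.strip() and not l.lstrip().startswith("#")]
    if not any(r[0].lower() == "options" and "-indexes" in map(str.lower, r[1:]) for r in rules):
        findings.append("directory listing enabled")

    if not (root / "robots.txt").is_file():
        findings.append("robots.txt missing")
    return findings

def demo():
    """Audit a constructed, throwaway install: default prefix, commented-out hardening."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        theme = root / "wp-content" / "themes" / "example"  # hypothetical theme name
        theme.mkdir(parents=True)
        (root / "wp-config.php").write_text("<?php\n$table_prefix = 'wp_';\n")
        (theme / "functions.php").write_text("<?php\n// remove_action('wp_head', 'wp_generator');\n")
        (root / ".htaccess").write_text("# Options -Indexes\nRewriteEngine On\n")
        return audit_wordpress(root, theme)

if __name__ == "__main__":
    print(demo())
```

Commented-out hardening lines are reported as missing, which catches the common case where a setting was disabled during troubleshooting and never restored.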