0
1) Automatic changing of database keys to a different file and adding require_once “wp-config-db.php”;
2) Auto debug change from standard to:
define(‘WP_DEBUG’, false);
if ( ! WP_DEBUG ) {
ini_set(‘display_errors’, 0);
}
3) Adding htaccess
<FilesMatch “wp-config.*.php|.htaccess|readme.html”>
Order allow,deny
Deny from all
</FilesMatch>
And at the end
4) Hiding WP version in head, RSS and scripts
5) For wp-includes
<FilesMatch “.(?i:php)$”>
Order allow,deny
Deny from all
</FilesMatch>
<Files wp-tinymce.php>
Allow from all
</Files>
<Files ms-files.php>
Allow from all
</Files>
6) For wp-content catalog and each and every inside create a htaccess files
<FilesMatch “.(?i:php)$”>
Order allow,deny
Deny from all
</FilesMatch>
