DigitalOcean

Report this

What is the reason for this report?
Question

How to secure WordPress server on Ubuntu 18.04 when starting from scratch

Posted on May 9, 2020
WordPress
344575f7a7d64554823746d18841f3

By 344575f7a7d64554823746d18841f3

I’m planning on spending the time and setting up an Ubuntu server 18.04 for a WordPress website, but I want to make sure the installation is secure as the One-Click WordPress droplet offered by DigitalOcean.

So, besides the enabling the firewall and using the wp fail2ban plugin do I need anything else to have a secure server online?



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
alexdo
alexdo
May 10, 2020

Hello, @mhweb

There are other tweaks that you can implement in order to tight up the security. You can disable the PasswordAuthentication and also limit the root login to a certain amount of IP addresses. Tweak IP tables as well as using fail2ban and UFW.

I will recommend you to check this tutorial on how to secure your Linux VPS:

https://www.digitalocean.com/community/tutorials/an-introduction-to-securing-your-linux-vps

Hope this helps!

Regards, Alex

0
Akash Kanaujiya
Akash Kanaujiya
May 10, 2020

Hi @mhweb,

You may enable a couple of things on your server to make it secure,

  1. Setup new user and disable root login via SSH.
  2. Disable Password Authentication, always use SSH tunnel.
  3. Secure Mysql server
  4. Secure Phpmyadmin (If you’re using)
  5. Setup firewall to enabled and disable inbound and outbound network connections, (You should use Cloudflare as it provides additional securities including Firewall, DDOS protection)

If you’ll use the Cloudflare, no one could easily know your real IP address, However, it is possible to know, but it is like an extra layer of security.

Never open all network ports, use only selected port.

0
alexdo
alexdo
August 30, 2022

Hello there,

As this question popped up again in our community, I would like to link another question that was answered on this same mather

https://www.digitalocean.com/community/questions/how-to-secure-wordpress-one-click-install

Regards

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and AI-native businesses

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2026 DigitalOcean, LLC.Sitemap.