PROTECT MY WP

WordPress Security at the Server Level

Nginx config, PHP-FPM, MySQL hardening, Fail2Ban, UFW. Written for people who manage their own infrastructure.

Buy Now — £19 Read a free chapter

Beyond the plugin layer

🖥️

Server hardening, SSH, UFW, Fail2Ban, PHP-FPM isolation

🗄️

MySQL security, table prefix hardening, database user privileges

📡

SSL configuration, security headers, Nginx rules

“Most WordPress security advice stops at the plugin layer. This book doesn't.”

What's inside

  • Nginx security configuration and hardening rules
  • PHP-FPM pool isolation per site
  • MySQL user privileges and database hardening
  • UFW firewall setup and Fail2Ban configuration
  • SSH hardening and key-based authentication
  • SSL certificate management and HSTS configuration
  • Security headers: CSP, X-Frame-Options, HSTS, Referrer-Policy
  • Server-level log analysis and intrusion detection

From Chapter 2: WordPress Core Hardening 

location ~* /(wp-config\.php|xmlrpc\.php|readme\.html|license\.txt) {
    deny all;
    return 404;
}

Who wrote this

Stu is a WordPress administrator and hosting specialist with a long background in server management. That means Nginx configs, PHP-FPM pools, MySQL tuning, SSH hardening, firewall rules — the layer underneath WordPress that most WordPress security advice never touches.

The handbook is written for developers and sysadmins who run their own infrastructure and want to secure WordPress from the ground up rather than bolt security on top through plugins. Every chapter is rooted in real production experience, not theory.

Start with Chapter 1, it's free.

Read Chapter 1
Buy the full book — £19