General Security Advice about Custom Code

[AW]

My website is running on Woocommerce, and as a site for other to upload information as well : my website : https://sabah.website

Questions 1
I check on the S-Monitor and found out that there’s some code which is not set. I would need your advise on which one is advisable to put into my custom code for better security.

S-Monitor Reset | Recheck Result

• I click on S-Monitor > Reset | Recheck
• Then it prompt out the status as below
  • The Windows IIS Dismiss Notice is NOT set. Nothing to reset.
  • The Plugin Firewall Additional Roles IP Whitelist Dismiss Notice is NOT set. Nothing to reset.
  • The Sucuri 1-click Hardening wp-content .htaccess file Dismiss Notice is NOT set. Nothing to reset.
  • The WordPress Firewall 2 Plugin Dismiss Notice is NOT set. Nothing to reset.
  • The Broken Link Checker plugin HEAD Request Method filter Dismiss Notice is NOT set. Nothing to reset.
  • The PHP|php.ini handler htaccess code check Dismiss Notice is NOT set. Nothing to reset.
  • The Safe Mode HUD Check Dismiss Notice is NOT set. Nothing to reset.
  • The Custom Permalinks HUD Check Dismiss Notice is NOT set. Nothing to reset.
  • The LiteSpeed Server|Plugin Firewall Notice is NOT set. Nothing to reset.
  • The Bonus Custom Code: Dismiss All Notice is NOT set. Nothing to reset.
  • The Bonus Custom Code: Brute Force Login Protection Dismiss Notice is NOT set. Nothing to reset.
  • The Bonus Custom Code: Speed Boost Cache Code Dismiss Notice is NOT set. Nothing to reset.
  • The Bonus Custom Code: Author Enumeration BOT Probe Code Dismiss Notice is NOT set. Nothing to reset.
  • The Bonus Custom Code: XML-RPC DDoS Protection Code Dismiss Notice is NOT set. Nothing to reset.
  • The Bonus Custom Code: POST Request Attack Protection Code Dismiss Notice is NOT set. Nothing to reset.
  • The Bonus Custom Code: Mime Sniffing|Drive-by Download Attack Protection Code Dismiss Notice is NOT set. Nothing to reset.
  • The Bonus Custom Code: External iFrame|Clickjacking Protection Code Dismiss Notice is NOT set. Nothing to reset.
  • The Jetpack XML-RPC Bonus Custom Code & Site Uptime Monitor Notices are NOT set. Nothing to reset.
  • The WooCommerce Notice is NOT set. Nothing to reset.
  • The BPS Pro WooCommerce Options Notice: Enable Login Security for WooCommerce & Enable JTC for WooCommerce is NOT set. Nothing to reset.
  • The New Improved BPS Speed Boost Cache Code Notice is NOT set. Nothing to reset.

Question 2
Is there any custom code that can block other website to check on what theme, plugins and version that my website are using ?
Example; wprecon.com could check and show all information of my website on what theme, plugins and version that I am using.

Thanks and looking forward for your advise.

Regards,

Alex

[AITpro Admin]

I recommend using these Bonus Custom Codes below.  If you want to use other Bonus Custom Codes then click the Bonus Custom Code link, read the forum topic help/description information about what each Bonus Custom Code does and then decide if you want to use that Bonus Custom Code or not.
Author Enumeration BOT Probe Code
Mime Sniffing|Drive-by Download Attack Protection Code
External iFrame|Clickjacking Protection Code

Note: You can also find all Bonus Custom Code in this forum by clicking the Bonus Custom Code Tag in the right sidebar of this forum site:  https://forum.ait-pro.com/forums/topic-tag/bonus-custom-code/

There is no need to hide WP, plugin or theme versions.  So nope we don’t bother with doing that.

[Author]

Posts