WordPress Security Hardening includes:
- Security Headers (Strict Transport Security, Referrer Policy, XSS Protection, Frame, Content Security Policy, Permissions Policy)
- HotLink Protection
- Disable Directory Browsing
- WordFence Firewall implementation
- SSL (Secure Socket Layer) - https://
- Google ReCaptcha (Human Verification)
- Contact Form Spam Security (HoneyPots)
- Cloudflare Performance & Security
- WordFence & Cloudflare both working simultaneously
- DNSSEC (Prevention of: Hijacking Poisoning & Tunneling)
- Default wp login page url changing
- Securing wp-config.php file
- Locking Down /wp-includes/ + /wp-content/
- Bot Fight Mode
- Brute Force Protection (Restricting Login Attempts)
- 2FA - Two Factor Authentication
- Email Security - SPF, DKIM, DMARC (For Email Deliveribility & Prevention of Spoofing Attack)
- Email Protection - Encoding email for preventing bots to harvest email address on WordPress pages or contact page. This helps prevention of Spamvertising in your email inbox.
- Prevention of SQL Injection
- Prevention of DDoS - Distributed Denial of Service
- Theme/Plugin update
- and much much more.
This will definitely increase website performance in loading time & in SEO. This will increase 99% Security Hardening of WordPress.