Spent the morning securing a WordPress site for a local law firm. They had been getting spam form submissions and wanted a general security review.
What I Did
- Updated WordPress core, themes, and all plugins
- Installed and configured Wordfence
- Added reCAPTCHA to contact forms
- Implemented rate limiting on login attempts
- Set up automatic daily backups to offsite storage
- Added security headers via .htaccess
Time
About 3 hours including documentation for the client.