What You Need to Know About Securing Wordpress On AWS Lightsail

There are many articles about securing your Wordpress site running on AWS Lightsail. Some information is outdated, such as configuring .htaccess files on the Bitnami Wordpress bundle. Other articles suggest copy-and-paste solutions without explaining how changing or adding these configuration options affect either the Lightsail virtual private server or the Bitnami Wordpress site.

If you're curious about securing your Lightsail instance by updating security headers, automating system updates and security patches, or automating maintenance to keep your Wordpress fast and responsive checkout Securing Wordpress on Lightsail: Lock Down Your Server.

The other part of the equation is hardening Wordpress. The Bitnami Wordpress bundle has a basic default security posture. However, there is room for improvement. In a follow-up article, Securing Wordpress on Lightsail: Hardening Wordpress, we explain how security headers prevent common attacks and why you need to do more than delete the default application password.

Be sure to check out these AWS Wordpress articles:

• Create a Load Balanced WordPress Website
  in Amazon Lightsail

• Deploying a high-availability WordPress website with an external Amazon RDS database to Elastic Beanstalk