Das PremiumWP Whitepaper
Security
○ Custom directories and “Security by obscurity”
· wp-config.php secured and moved
· official WordPress configuration methods used
· all WordPress core files in subfolder
· plugins in different subfolder
· media and plugin data in different subfolder
· Hidden server version strings
· Hidden WordPress generator name and version strings
○ .htaccess based file protection
Prevention of directory listings, (unauthorized/direct) denied access to wp-admin, wp-config.php, wp-login.php and xmlrpc.php, prevention of code execution in several directories
○ .htaccess firewall
○ HTTP security headers
SSL forced using mod_headers.c Strict-Transport-Security, X-XXS protection, no sniffing, SSL cookies, content security and referrer policy
○ WordFence
.htaccess firewall (auto_prepend_file), brute force & malware protection, file changes, spam filter, administrative and suspicious events reporting
○ Invisible Google reCaptcha
Trusted protection of all login forms, administrative forms and contact forms
○ Custom login URL
Performance
○ HTTP/2 and PHP 7.2 ¹
Technology for next-gen WordPress experience
○ Server-side PHP script caching ¹
With using OPcache technology
○ Nginx reverse proxy ¹
Load balanced serving of static files like images, JavaScript and CSS
○ Server-side static file caching
Serving of cached html files using a CDN (third party), Nginx/ Varnish cache ¹ or WordPress advanced cache
○ Browser caching
.htaccess based expiry optimization (mod_expires.c) and leverage browser caching (mod_mime.c)
○ Compressed content
.htaccess based serving of gzip encoded data using mod_deflate.c
○ Minimized requests and optimized code
By consolidated, minified and compressed HTML, JavaScript and CSS
○ Image optimization and lossless compression
○ Lazy load media ²
SEO
○ Multiple performance measures
(See above)
○ Content meta
Meta description for pages and posts, keywords, alt-tags using professional SEO extensions
○ Rich snippets
○ Conversion optimization
○ Open and connected
Sitemap, Facebook OpenGraph + Google + Twitter tags
○ Google Analytics
Content
○ Real visual editing ²
Using a performant visual frontpage editor with section and page templates
○ Responsive ²
○ Multilingual
Multi-domain, subdomain or /lang-style
○ Data protection
EU-GDPR compliant, SSL encrypted data transfer, Google reCaptcha protected forms
○ Forms
Encoded email addresses, cloud protected, EU-GDPR notifications
○ Third party services
Facebook, Google, Twitter, Instagram etc.
○ eCommerce ready
Full support of WooCommerce
Maintenance
○ Uptime monitoring
○ Updates
○ Activity monitoring
Updates, file changes, admin logins, new pages and posts
EXTRA: CLOUD & LOCAL IT
○ Microsoft-hosted Exchange Server
Domain connected (DNS MX record), 50GB storage, unlimited devices
○ On-Site IT: Server, Storage/Backup, PCs
¹ Depends on web host
² Depends on theme