AI-Assisted Docs and Related Work
WordPress Security Benchmark
WordPress security benchmark: prescriptive full-stack hardening controls for current supported WordPress releases on the LEMP/LAMP stack.
Audit the Stack Control by Control
This benchmark answers the question, βWhat do I verify?β It is meant for security engineers, auditors, and sysadmins who need prescriptive controls they can assess consistently across a real stack.
Controls are organized in two tiers. Essential Hardening covers the baseline configurations required for any WordPress site on this stack β the minimum standard for a defensible deployment. Defense-in-Depth covers additional controls that reduce attack surface, limit lateral movement, and increase resilience β recommended for production environments or any site where the cost of compromise is high.
Each control includes a description, a rationale, an audit command, and a remediation step for supported WordPress releases on the LEMP/LAMP stack.
Repository Details
- Owner
- @dknauss
- Source
- dknauss/wp-security-benchmark
- Latest release
- v1.1.0
- CI
- GitHub Actions
- License
- CC BY-SA 4.0
- Last updated
- Stars
- 3
A prescriptive benchmark with pass-fail controls, audit commands, remediation steps, and target versions for current supported stacks.
