In order to improve the security and reduce maintenance costs we may do a PoC to try to introduce a concept of having the whole WordPress behind basic auth and serving only statically generated HTML to the visitors. Of course that should be an optional mode.
Benefits:
Reduces security surface significantly
Improves performance (no WAF required to protect WordPress, no security plugins required, visitors do not trigger PHP & Database)
No need to set up extra caching, just the client-side caching headers
Solutions worth trying:
https://wp2static.com/developers/wp-cli/ (has CLI support, so we can write a simple Go application that would watch for changes in the WP posts table, then trigger a rebuild)
Requirements:
Set up NGINX to behave differently (what about keeping the WP installation process available when this mode is on?)
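
One way the NGINX split could look, as an added sketch that is not part of the original proposal or the project's configuration. The hostnames, certificate paths, export directory, htpasswd file and PHP-FPM socket are all assumptions, and putting the editor side on its own hostname is one possible layout among several.

```nginx
# Public vhost: visitors only ever receive files from the static export.
server {
    listen 443 ssl;
    server_name www.example.com;                        # placeholder hostname
    ssl_certificate     /etc/nginx/tls/example.crt;     # assumed path
    ssl_certificate_key /etc/nginx/tls/example.key;     # assumed path

    root  /var/www/static-export;                       # assumed export target
    index index.html;

    location / {
        # No fallback to index.php: a miss is a 404, never a PHP request.
        try_files $uri $uri/ =404;
        add_header Cache-Control "public, max-age=300";
    }

    # Regex locations win over the prefix match above, so any *.php URI
    # is refused even if a PHP file ends up in the export by mistake.
    location ~ \.php$ { return 404; }
}

# Editor vhost: the whole WordPress install sits behind basic auth.
server {
    listen 443 ssl;
    server_name edit.example.com;                       # placeholder hostname
    ssl_certificate     /etc/nginx/tls/example.crt;
    ssl_certificate_key /etc/nginx/tls/example.key;

    # Set at server level so every location below inherits it,
    # including wp-login.php, xmlrpc.php, the REST API and wp-cron.php.
    auth_basic           "Restricted";
    auth_basic_user_file /etc/nginx/wp.htpasswd;        # assumed path

    root  /var/www/wordpress;                           # assumed install path
    index index.php;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        try_files $uri =404;                            # only run scripts that exist
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php/php-fpm.sock;        # assumed socket
    }
}
```

In this layout `wp-admin/install.php` is reachable only through the authenticated vhost, and anything that needs a public dynamic endpoint (comments, forms, search) stops working for visitors because the public vhost never reaches PHP.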