After recently being hacked (first time ever) I need help to secure my site(s). I have deleted all content completely, to start afresh.
Before I start again, I am wondering what steps I should take immediately after I re-install WP.
For example, immediately after installing WP should I:
1. Install WordFence (https://wordpress.org/plugins/wordfence/)
2. Install Sitelock (http://help.secureserver.net/article/12273?locale=en&prog_id=uworlds)
3. Install iThemes Security (https://wordpress.org/plugins/better-wp-security/)
4. Do everything on this page: http://codex.wordpress.org/Hardening_WordPress
5. Do everything on the list on this page: https://premium.wpmudev.org/blog/keeping-wordpress-secure-the-ultimate-guide/
Is this a bunch of overkill? I don’t have the expertise this afternoon to dissect which elements of which of the 5 links above would be the most relevant for me but I am rolling out 40 sites so to have to do all of the above for all of the sites seems positively overwhelming!
From what I have read Multisite does not sound like a viable option in my scenario.
If there is an easier way to secure 40 sites all at once I am all ears! I don’t want to embark on anything and waste time in case there is an easier method and don’t want to have to roll back a mistake 40 times and apply a fix 40 times.
Also … I really need to learn how to back up all my sites in such a way that I can rollback in the event of a disaster / hack etc.
If anyone could help me with this, it will help me actually get started as I don’t want to do anything until I have this piece sorted out.