The database is the fundamental part of a website, so it is very important to protect it, not only by making backup copies to be able to restore it if necessary, but also by changing the prefix of the tables to prevent possible attackers from getting the data they contain.
Database service: makes access to the database possible only from the server or instance where WordPress is installed (not open).
Database user: the user set in “wp-config” should not be root, but one with access only to the WordPress schema.
To maintain security on your WordPress-based website, we recommend that you install a system that counts login attempts on the “wp-login.php” page.
Number of Logins from The Same IP
If a high number of logins from the same IP is detected, it would be advisable to ban that address, either for a limited time (30 minutes, 50 minutes, 1 hour…) or permanently. This will prevent a bot from guessing the username and password through an alphabet or dictionary attack. These attacks consist of trying to decipher usernames and passwords through numerous attempts, basing these on words from a dictionary of previously used keys or passwords that the attackers may have obtained in previous attacks.
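As an added example (not part of the original article), the following Python sketch counts login POSTs to wp-login.php per IP in a web-server access log and returns the addresses to ban with their ban expiry. The Combined Log Format, the thresholds, the function name and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds; the 30-minute ban is one of the durations the article lists.
MAX_ATTEMPTS = 5
WINDOW = timedelta(minutes=10)
BAN_TIME = timedelta(minutes=30)

# Combined Log Format (assumed): ip - - [time] "METHOD path proto" status size
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)')

# Constructed sample: one IP posting every 5 seconds, one normal login.
SAMPLE_LOG = [
    f'203.0.113.7 - - [12/Mar/2024:10:00:{s:02d} +0000] "POST /wp-login.php HTTP/1.1" 200 4512'
    for s in range(0, 40, 5)
] + [
    '198.51.100.20 - - [12/Mar/2024:10:01:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0',
    '198.51.100.20 - - [12/Mar/2024:10:01:05 +0000] "GET /wp-admin/ HTTP/1.1" 200 9000',
]


def find_bans(lines):
    """Return {ip: ban_expiry} for IPs with more than MAX_ATTEMPTS login POSTs in WINDOW."""
    recent = defaultdict(deque)  # ip -> timestamps of recent attempts
    bans = {}
    for line in lines:  # lines are assumed to be in chronological order
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0] != "/wp-login.php":
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        ip = m["ip"]
        if ip in bans and ts < bans[ip]:
            continue  # still banned, nothing more to count
        attempts = recent[ip]
        attempts.append(ts)
        while ts - attempts[0] > WINDOW:  # drop attempts outside the window
            attempts.popleft()
        if len(attempts) > MAX_ATTEMPTS:
            bans[ip] = ts + BAN_TIME
            attempts.clear()
    return bans


if __name__ == "__main__":
    for ip, until in find_bans(SAMPLE_LOG).items():
        print(f"ban {ip} until {until.isoformat()}")
```

The returned expiry times can be fed to whatever enforces the ban (firewall rule, web-server deny list or a security plugin); for a permanent ban, ignore the expiry.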
Content Security Policy (CSP)
It consists of adding an HTTP header to the web page, giving it specific values to control the resources that the user can load for that page. It serves as an additional security layer that helps prevent and reduce certain attacks such as Cross-Site Scripting.
Cross-Site Scripting consists of executing malicious scripts in the browser, since the browser trusts the source of the content even when it does not come from where it is supposed to come from. Adding the header will make attempting XSS less easy for the hacker trying to do it. It also serves to reduce data injection attacks, which consist of inserting your own code into a website to access protected data from the website under attack.