Alright everyone, thank you so much for your thoughtful recommendations! To sum it up, here’s what I have done:
I used let’s encrypt’s Certbot to get my SSL certs and setup https, auto-renew every 3 months and I setup a reminder to update Certbot every month.
I setup a permanent redirect from http to https in Apache
I installed a firewall on the Pi, only 80, 443 and [22 from my computer to the RPi] are open. I couldn’t find the firewall settings on my router but I assume they exist since I had to forward 80 and 443 there.
installed the following plugins: WordFence and WP Fail2Ban
changed the user password on the pi to a better longer one
Alright everyone, thank you so much for your thoughtful recommendations! To sum it up, here’s what I have done:
I think I should be all set, shouldn’t I?