1st Test: https://www.woorank.com/
Improve: Meta description. Downloading Yoast
2.- Security
Test1: https://sitecheck.sucuri.net/results/ntalam.com = Medium Security Risk
Solving: Directory Listing.
Modify /etc/apache2/sites-available/xxxx.conf adding
....
</VirtualHost>
<Directory /var/www/html/example.com/public_html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
Restart the server
sudo service apache2 restart
Fixing the headers for PHP wp
a2enmod headers
Now we have to modify the .conf file and add…
(notice the 443 port)
<VirtualHost *:443>
Header always append X-Frame-Options SAMEORIGIN
Header always set Strict-Transport-Security “max-age=31536000;”
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options nosniff
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
</VirtualHost>
Sources: https://www.linode.com/docs/web-servers/apache/how-to-set-up-htaccess-on-apache/
https://stackoverflow.com/questions/34554240/apache-edit-to-conf-file-produces-invalid-command-header
https://www.webarxsecurity.com/https-security-headers-wp/
https://www.xolphin.com/support/Apache_FAQ/Apache_-_Configuring_HTTP_Strict_Transport_Security