Replace ${WP_ROOT} with the directory location of wordpress. If you are already in the wp document root, replace with a dot .

find ${WP_ROOT} -exec chown :apache {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;

Check the current URL, first select the database with the 'use' command (eg. use live_database;):

SELECT * FROM wp_options WHERE option_name = 'siteurl' OR option_name = 'home' ;

UPDATE wp_options SET option_value = 'http://notes.lukeslinux.co.uk' WHERE option_name = 'siteurl' OR option_name = 'home';

Used for permalinks

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.*)\ HTTP/ [NC]
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^/?(wp-admin/|wp-login\.php) https://mysite.com%{REQUEST_URI}%{QUERY_STRING} [R=301,QSA,L]

define('FS_METHOD', 'direct');
define('FTP_BASE', '/var/www/vhosts/example.com/httpdocs/');
define('FTP_CONTENT_DIR', '/var/www/vhosts/example.com/httpdocs/wp-content/');
define('FTP_PLUGIN_DIR ', '/var/www/vhosts/example.com/httpdocs/plugins/');
#define('FTP_PUBKEY', '/var/www/vhosts/example.com/httpdocs/.ssh/id_rsa.pub');
#define('FTP_PRIKEY', '/var/www/vhosts/example.com/httpdocs/.ssh/id_rsa');
define('FTP_USER', 'FTPusername');
define('FTP_PASS', 'FTPpassword');
define('FTP_HOST', 'localhost');
define('FTP_SSL', false);

vim /var/www/vhost/website/wp-config.php

define('FS_METHOD', 'direct');

To prevent xmlrpc attacks add the following to a .htaccess

<Files "xmlrpc.php">
Order Allow,Deny
deny from all
</Files>

xml-rpc can use system.multicall - this can be used to execute multiple methods inside a single request. This allows applications to pass multiple commands with one http request.
You could also use a plugin called JetPack to assist - more information to come soon

https://wordpress.org/plugins/jetpack/