diff --git a/WordPress-Security-Tips.md b/WordPress-Security-Tips.md index b07765e..c4f6a8c 100644 --- a/WordPress-Security-Tips.md +++ b/WordPress-Security-Tips.md @@ -80,4 +80,6 @@ Attackers may use search engines to find potential vulnerable victims. By removi 21. Enable X-Frame-Options for unauthenticated users. -WordPress in recent versions uses the 'X-Frame-Options' HTTP header for privileged users to tell the browser where HTML frames are allowed to be loaded from. This isn't however set for unauthenticated users, allowing for potential [ClickJacking](https://www.owasp.org/index.php/Clickjacking) attacks. \ No newline at end of file +WordPress in recent versions uses the 'X-Frame-Options' HTTP header for privileged users to tell the browser where HTML frames are allowed to be loaded from. This isn't however set for unauthenticated users, allowing for potential [ClickJacking](https://www.owasp.org/index.php/Clickjacking) attacks. + +For further WordPress hardening tips see: [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress) \ No newline at end of file
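Review bot: The added final line links to the Codex over plain http, in both the link text and the target (`http://codex.wordpress.org/Hardening_WordPress`); in a hardening guide the reference should use the https form of that URL so readers do not fetch security advice over an unauthenticated channel. The new last line is also still followed by "\ No newline at end of file", so the file keeps its missing trailing newline and the next append will show this line as modified again; end the file with a newline. Separately, tip 21 explains that the header is not set for unauthenticated users but gives no step for enabling it; a one-line follow-up naming the setting, for example sending `X-Frame-Options: SAMEORIGIN` on front-end responses, would make the tip actionable.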