In order to make updating wordpress nice and easy, you should install an ftp server. What we do not account for in this setup, is having more than one wordpress site, or other service, accessible via ftp.
For security, you want to listen only on localhost, regardless of whether you have a firewall, as you should not depend on one level of security.
SocketBindTight on DefaultAddress localhost
Some more basic changes that I made…
DefaultRoot /var/www/site/ #AuthOrder mod_auth_pam.c* mod_auth_unix.c
Lastly, you need to add a user and give them a password. Always remember that you should never give the apache group write access to everything in /var/www, otherwise you are open to more exploits.
useradd -m -g apache blog passwd blog chown -R blog:apache /var/www/site