wpvidZ

Learn WordPress With Video Tutorials

  • Blog
  • Browse
    • Backup & Restore
    • WordPress Localhost
    • WordPress Hosting
    • WordPress themes
    • Version Updates
    • Plugin Tips
    • Security
    • Tutorials
    • WordPress SEO
    • WP Miscellaneous
    • Sitemap
  • WP 5+ Tutorial
  • Search
wpvidZ Blog Security How To Secure Your Blog

Security

How To Secure Your Blog

Last updated on February 18, 2017
Posted on May 22, 2010

WordPress blog security with Plugins Part 2

We will continue the part 1 of tips to secure wordpress blog.

We are going to install three important wordpress security plugins and move wp-config file but, back up everything first.
10. Wp security plugins.
This wordpress security plugin will detect what we should fix, and it shows us red fonts. If we all do what we did in part 1 steps, it will just show one thing we should do, which is adding .htaccess file in wp-admin folder.


11. .htaccess in wp-admin

So basically we will do this step:
– Create .htaccess file inside wp-admin folder.
– Open wp-admin/.htaccess and you will find it empty.
– Open public_html/.htaccess = you can find this .htaccess in the folder where you install your wordpress or where wp-config file stays. Open this file and copy the code: it will look like this:


# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

There is more, once you have this .htaccess in wp-admin folder, check again in Admin dashboard/Security/scanner (see image).

Once you click “Scanner” you should see all the lists green as shown in image, if not, change file permission as it is suggested.

  • Is my site loading fast? I use this shared hosting
  • Try my theme >

12. Block bad queries plugin
As explained in the plugin name, this plugin will block all bad queries which try to access your blog.

13. Secure wordpress plugin
This is a must have plugin as well, once you installed it, you don’t have to change any settings, however if you are using windows live writer you should tick the option of it.

14. Move wp-config.php
Moving wp-config to one up folder. Which means the folder one step above public_html.
//Don’t do this if you have two wordpress blogs in main domain and subdomain and also do backup first.

So we are done with improving wordpress security using plugins. I hope it’s going to be helpful. (also the dish washer sound in the audio background :))

secure Wordpress

Latest Posts

  • Twenty Nineteen Theme Full Tutorial – Creating a Website
  • Uninstall W3 Total Cache Plugin – Incredibly Easy!
  • Create WordPress Website 2018 on SiteGround Genesis
  • WordPress Noopener Noreferrer Rel Attribute Quick Fix
  • WordPress CDN Setup with MaxCDN and W3 Total Cache Plugin
  • Twenty Seventeen One Page Parallax Scrolling Website Style
  • How To Add Google Map in WordPress Contact Page
  • WordPress 4.7 Justify Text and Underline
  • Twenty Seventeen Footer “Proudly Powered By WordPress” Text
  • How To Add YouTube Subscribe Button To WordPress Website
← WordPress security with Plugins Part 1
→ TimThumb WordPress vulnerability – is your theme or plugin affected by TimThumb security?

Comments

  1. Shelley says

    January 17, 2011 at 1:57 am

    Thanks for the article. When I change my Chmod to the recommended settings, however, they always revert back. Any suggestions?

    • Kimi says

      January 17, 2011 at 8:12 am

      Hi Shelley,

      Contact your host, they should fix it.

      Kind regards,

      Kimi.

      • Shelley says

        January 17, 2011 at 8:26 pm

        Kim, thanks for your help. GoDaddy tells me they will not allow me to change htaccess file permissions nor the root directory. What are your thoughts? Thanks for your help!

        • Kimi says

          January 19, 2011 at 11:28 am

          Hi Shelley,

          I don’t understand why they don’t allow you to change htaccess.

          Godaddy is recently receiving bad reviews on some forums anyway.

          As i never use GoDaddy, i can’t help much..

          Probably best is to ask in wordpress forum.

          Good luck.

  2. Shelley says

    January 19, 2011 at 6:01 pm

    Thanks, Kim. I ended up changing hosting providers over the weekend. I appreciate your feedback and this post.

    • Kimi says

      January 20, 2011 at 7:20 am

      Most welcome, Shelley!

  3. chris says

    May 1, 2011 at 7:54 am

    hi, Kimi, i add secure plugging to my wp, unable to access admin.please advice how to turn off plugging from hosting.regards chris

    • Kimi says

      May 2, 2011 at 8:27 am

      Hi Chris,

      You can login to your cPanel, or using FTP, and delete the plugin folder.

      The plugin folder will be in: wp-content → plugins → yourpluginname.

      It should bring back the admin page. This is why, before trying any plugins I suggest to install it in local installation of wp first, before applying in the live blog.

      I hope this helps!

      Regards,

      Kimi.

Comment form on this post is closed after 60 days.

Search

Worth Reading

  • WordPress Admin ID with a Custom Number
  • Plugin to Check TimThumb vulnerability
  • TimThumb WordPress vulnerability - is your theme or plugin affected by TimThumb security?
  • Wordpress security with Plugins Part 1

Backup & Restore

Backup WordPress Without a Plugin or FTP

Export WordPress Database using phpMyAdmin

BigDump Alternative – When BigDump Failed Importing Large WP Database

At This Place The Current Query Includes More Than 300 Dump Lines

View All..

Live Online Website

View All..

Offline Installation

How to Upload WordPress localhost to live server manually

Steps to Install WordPress on Windows 8 and WAMP 2.4

Install WordPress on Mavericks OS X 2014

Maximum upload file size in WAMP WordPress

View All..


WPvidz Hosting Image

  • About Me
  • Contact
  • Affiliate Disclosure
  • Privacy Policy
  • Term of Use

Copyright© 2023 wpvidz.com SG2021 | sitemap.xml


WPvidz.com is independent from WordPress.org but is proudly powered by WordPress & its block-based editor (Gutenberg)

WpvidZ.com uses cookies" to give you the best browsing experience possible. If you click "I Accept" below then you are consenting to this. For more information about your privacy settings on this website, please visit the Privacy Policy page. I Accept