1.37 Puncte = 1 Vella / Vella= 0.00002667583 BTC si 43.2183406114 Doge

How to secure yor WordPress site


Active Member
Oracol XOR Partner
Official Support
Oracol (XOR)
Fan Adevărat!
0.00 Puncte
The security of WordPress has become much easier lately, thanks to the WordPress team, which continually resolves vulnerabilities and updates. Wordfence is one of the tools that can help secure WordPress platform.

Backup is the most important security method. In case of a vulnerability or data loss, all files with this active service can be restored. Also, in case of file changes, it is recommended to perform a full backup before. The hosting provider should be able to generate a full backup archive. Otherwise, there are backups, such as UpdraftPlus, which have good ratings.

Delete old WordPress programs installed
You can log in to the WordPress website via FTP or through the File Manager to view the files in your hosting account. Check if there is any older installation of the WordPress platform. You can check directories such as 'backup', 'doc_root.old', 'old_wordpress' or similar folders.

If you do not know what a director means, ask for help from the hosting provider or programmer you are working with. Any directories that are old or not used should be deleted. They may not be protected, and attackers may find vulnerabilities to access the site. The same is recommended for each installed but outdated or used program, including old PHP applications such as PHPMyAdmin, MediaWiki, Joomla, and Drupal.

Delete unused themes or plugins
To delete unused plugins, visit the WordPress administration panel, Plugins-> Installed Plugins. Delete all plugins that are no longer in use. Each plugin can be checked by clicking the Details button to see when the last date was updated. It is recommended to delete the plugins that have not been updated for more than 2 years, as there are a lot of vulnerabilities.

The same procedure is for the themes: WordPress -> Appearance -> Themes panel deletes themes that are no longer used. By deleting all the themes, plugins or extensions that are no longer used, the vulnerability and hacking risk are significantly reduced.

Access security panel Wordpress
Make sure each user has access to the WordPress panel just as much as necessary, and only one admin has total access that you trust. If you are creating users (Users-> All Users) that you do not recognize, it is advisable to delete them. Also, the access password must be a strong password and not be used to access other accounts.

All WordPress software needs to be updated to the latest versions available: plugins, themes, all installed extensions. The latest version eliminates a number of vulnerabilities identified in the previous version.

If the theme you use is a custom one, it is recommended to contact the developer who created the theme.

Install Wordfence
Install the Wordfence plugin on your WordPress site. Go to the "Firewall" menu and enable "Extended Protection". This ensures the following:

Wordfence Firewall will analyze each application before running the PHP code, including the WordPress PHP code. This allows Wordfence to intercept any site vulnerability before affecting existing PHP applications.
Wordfence will also protect any PHP applications installed on the WordPress directory. We recommend that you proceed to Wordfence Premium if possible to ensure blacklists, firewall rules, and malicious files are viewed to prevent new attacks.

Full scan of the site
If you use Wordfence, access the Wordfence menu -> Scan menu, click for a scan. All issues that are identified will appear on the screen and will be removed for good site security.

Enables 2 phone factor authentication
Access Wordfence -> Tools, click on the Cellphone Sign-in tab and enable this option for all users with administrator rights. This feature will alert you by SMS or email every time you connect to Wordpress on a new device.

By going through these steps to verifying the WordPress site, you will increase the security level of the site and you will be able to remove any vulnerabilities that could have devastating effects.