Skip to content
install wp secure plugin and select most of the options!
Store your PHP passwords to access your MySQL databases in a file with a .inc.php and place this file in a directory which is above the server’s document root.
Run WP Security Scan
- Make sure you have most up to date wordpress
- change database prefix from wp_ to something else (WSD Security plugin will do this)
- change default admin username from admin to something else (add new admin, log out, log in under new user, delete old admin, choose import posts option when u do it.)
- move config.php and files containing Passwords to MySQL to a secure directory outside of the public_html folder and then add this to to wp_config.php
require(‘new path goes here…/yourconfigfile.php’);
- RESTRICT ADMIN TO YOUR IP so that no one else can login to your admin page:
go to wp-admin directory and add to htaccess file:
deny from all
allow from your.staticip.goes.here
- BEGIN WordPress