{"id":45058,"date":"2023-04-28T11:19:00","date_gmt":"2023-04-28T03:19:00","guid":{"rendered":"https:\/\/dp2024.sim-dp.com\/?p=45058"},"modified":"2023-04-28T11:21:20","modified_gmt":"2023-04-28T03:21:20","slug":"how-to-harden-wordpress-advanced-steps","status":"publish","type":"post","link":"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/","title":{"rendered":"How to Harden WordPress – Advanced Steps"},"content":{"rendered":"
In the previous article, we talked about the essential steps to harden WordPress<\/a>. Today, we will present you with more advanced steps to further reduce the risks of attacks.<\/div>\n
1. Block PHP execution in untrusted folders<\/strong><\/div>\n
This step includes blocking PHP files from being executed in folders that are not designed to run PHP code. This can be accomplished by adding a rule to the server’s .htaccess file that forbids PHP execution in specific directories, or by configuring the server’s PHP handler to disable PHP execution in untrusted folders. This helps to prevent malicious code from being executed and minimizes the risk of attacks.<\/div>\n
2. Disable file editing<\/strong><\/div>\n
WordPress has a file editor that allows users to edit theme and plugin files directly from the WordPress dashboard. However, attackers can use this feature to inject malicious code into the website. To avoid this, disable the file editor by adding the following line of code to the wp-config.php file:<\/div>\n
define('DISALLOW_FILE_EDIT', true);<\/code><\/div>\n
3. Change security keys<\/strong><\/div>\n
WordPress encrypts user passwords and other sensitive information with security keys. Changing these keys on a regular basis offers an extra layer of protection by making it more difficult for attackers to decrypt sensitive information. There are eight Security Keys located in your wp-config.php file just after the database credentials. They have a little section that looks like this:<\/div>\n
\ndefine('AUTH_KEY', 'put your unique phrase here');
\ndefine('SECURE_AUTH_KEY', 'put your unique phrase here');
\ndefine('LOGGED_IN_KEY', 'put your unique phrase here');
\ndefine('NONCE_KEY', 'put your unique phrase here');
\ndefine('AUTH_SALT', 'put your unique phrase here');
\ndefine('SECURE_AUTH_SALT', 'put your unique phrase here');
\ndefine('LOGGED_IN_SALT', 'put your unique phrase here');
\ndefine('NONCE_SALT', 'put your unique phrase here');
\n<\/code><\/p>\n
You may use the generator https:\/\/api.wordpress.org\/secret-key\/1.1\/salt\/<\/a> to help you generate a new set of unique keys and replace the existing keys in your wp-config.php file. <\/div>\n<\/div>\n
4. Disallow plugin installations<\/strong><\/div>\n
Allowing users to install plugins on a WordPress site can be risky since plugins might bring vulnerabilities and security problems. To prevent this, , only trusted users should be allowed to install plugins.
\nThis can be done by adding the following line of code to the wp-config.php file:\n<\/div>\n
define('DISALLOW_FILE_MODS', true);<\/code><\/div>\n
5. Secure your wp-config.php file<\/strong><\/div>\n
The wp-config.php file contains sensitive information such as database credentials, security keys, and other configuration settings. To protect this file, You can move the wp-config.php file to a directory outside of the web root. For example, if your WordPress files are in \/home\/username\/public_html\/<\/span>, you can move the wp-config.php file to\n<\/div>\n
Ensure that the file permissions for wp-config.php are set to read-only:<\/div>\n
chmod 600 wp-config.php<\/code><\/div>\n
6. Separating out databases<\/strong><\/div>\n
WordPress’s data is stored in a MySQL or MariaDB database. It is recommended to utilize a separate database for WordPress and to set up a unique user account with limited database access rights to enhance security. This minimizes the risk of attacks and limits the damage caused by a compromised WordPress installation.<\/div>\n
7. Securing wp-admin<\/strong><\/div>\n
The wp-admin folder is the backend of a WordPress site, and it is a common target for attackers. Access to this folder should be restricted to trusted users only. Strong passwords should be required for login. Additionally, two-factor authentication and IP blocking can be used to further enhance security.<\/div>\n
In conclusion, hardening your WordPress site is essential to ensure its security and protect it from potential attacks. By following the steps outlined in this article, you can significantly improve the security of your WordPress site, and reduce the risk of it being compromised. If you have any questions about our WordPress hosting<\/a> services, feel free to contact our customer service by phone at +852 3959 1800 or via email at cs@dp2024.sim-dp.com<\/a>.<\/div>\n","protected":false},"excerpt":{"rendered":"

In the previous article, we talked about the essential steps to harden WordPress. Today, we will present you with more advanced steps to further reduce … read more<\/a><\/p>\n","protected":false},"author":27,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_cloudinary_featured_overwrite":false,"footnotes":""},"categories":[1],"tags":[],"acf":[],"yoast_head":"\nHow to Harden WordPress - Advanced Steps | Dataplugs<\/title>\n<meta name=\"description\" content=\"In the previous article, we talked about the essential steps to harden WordPress. Today, we will present you with more advanced steps to further reduce\" \/>\n<meta name=\"robots\" content=\"index, follow\" \/>\n<link rel=\"canonical\" href=\"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Harden WordPress - Advanced Steps | Dataplugs\" \/>\n<meta property=\"og:description\" content=\"In the previous article, we talked about the essential steps to harden WordPress. Today, we will present you with more advanced steps to further reduce\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/\" \/>\n<meta property=\"og:site_name\" content=\"Dataplugs\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/dataplugs\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-28T03:19:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-28T03:21:20+00:00\" \/>\n<meta name=\"author\" content=\"Debbie Ng\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@dataplugs\" \/>\n<meta name=\"twitter:site\" content=\"@dataplugs\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Debbie Ng\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/\"},\"author\":{\"name\":\"Debbie Ng\",\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/#\/schema\/person\/e48945e9052e7ca2a4fdc384c4cb4086\"},\"headline\":\"How to Harden WordPress – Advanced Steps\",\"datePublished\":\"2023-04-28T03:19:00+00:00\",\"dateModified\":\"2023-04-28T03:21:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/\"},\"wordCount\":358,\"publisher\":{\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/#organization\"},\"articleSection\":[\"Industry News\"],\"inLanguage\":\"en-US\",\"about\":{\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/\"},\"thumbnailUrl\":\"https:\/\/dp2024.sim-dp.com\/wp-content\/uploads\/2023\/04\/blog-750x410-2023-04-28.jpg\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/\",\"url\":\"https:\/\/dp2024.sim-dp.com\/wp-content\/uploads\/2023\/04\/blog-750x410-2023-04-28.jpg\",\"name\":\"How to Harden WordPress - Advanced Steps | Dataplugs\",\"isPartOf\":{\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/#website\"},\"datePublished\":\"2023-04-28T03:19:00+00:00\",\"dateModified\":\"2023-04-28T03:21:20+00:00\",\"description\":\"In the previous article, we talked about the essential steps to harden WordPress. Today, we will present you with more advanced steps to further reduce\",\"breadcrumb\":{\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/\"]}],\"contentUrl\":\"https:\/\/dp2024.sim-dp.com\/wp-content\/uploads\/2023\/04\/blog-750x410-2023-04-28.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/dp2024.sim-dp.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Harden WordPress – Advanced Steps\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/#website\",\"url\":\"https:\/\/dp2024.sim-dp.com\/en\/\",\"name\":\"Dataplugs\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/dp2024.sim-dp.com\/en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/#organization\",\"name\":\"Dataplugs Limited\",\"url\":\"https:\/\/dp2024.sim-dp.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/dp2024.sim-dp.com\/wp-content\/uploads\/2021\/09\/logo_en-1.png\",\"contentUrl\":\"https:\/\/dp2024.sim-dp.com\/wp-content\/uploads\/2021\/09\/logo_en-1.png\",\"width\":1,\"height\":1,\"caption\":\"Dataplugs Limited\"},\"image\":{\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/dataplugs\/\",\"https:\/\/twitter.com\/dataplugs\",\"https:\/\/www.instagram.com\/dataplugs\/\",\"https:\/\/www.linkedin.com\/company\/dataplugs-limited\"]},{\"@type\":\"LocalBusiness\",\"@id\":\"https:\/\/dp2024.sim-dp.com\/en\/#\/schema\/person\/e48945e9052e7ca2a4fdc384c4cb4086\",\"name\":\"Dataplugs Limited\",\"image\":\"https:\/\/www.dataplugs.com\/wp-content\/uploads\/2018\/06\/logo_en.png\",\"telephone\":\"+852 3959 1888\",\"address\":{\"@type\":\"PostalAddress\",\"streetAddress\":\"Suite 3602, 36\/F., AIA Kowloon Tower, 100 How Ming Street, Kwun Tong, Kowloon, Hong Kong\",\"addressLocality\":\"Hong Kong\",\"addressCountry\":\"HK\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Harden WordPress - Advanced Steps | Dataplugs","description":"In the previous article, we talked about the essential steps to harden WordPress. Today, we will present you with more advanced steps to further reduce","robots":{"index":"index","follow":"follow"},"canonical":"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/","og_locale":"en_US","og_type":"article","og_title":"How to Harden WordPress - Advanced Steps | Dataplugs","og_description":"In the previous article, we talked about the essential steps to harden WordPress. Today, we will present you with more advanced steps to further reduce","og_url":"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/","og_site_name":"Dataplugs","article_publisher":"https:\/\/www.facebook.com\/dataplugs\/","article_published_time":"2023-04-28T03:19:00+00:00","article_modified_time":"2023-04-28T03:21:20+00:00","author":"Debbie Ng","twitter_card":"summary_large_image","twitter_creator":"@dataplugs","twitter_site":"@dataplugs","twitter_misc":{"Written by":"Debbie Ng","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/#article","isPartOf":{"@id":"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/"},"author":{"name":"Debbie Ng","@id":"https:\/\/dp2024.sim-dp.com\/en\/#\/schema\/person\/e48945e9052e7ca2a4fdc384c4cb4086"},"headline":"How to Harden WordPress – Advanced Steps","datePublished":"2023-04-28T03:19:00+00:00","dateModified":"2023-04-28T03:21:20+00:00","mainEntityOfPage":{"@id":"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/"},"wordCount":358,"publisher":{"@id":"https:\/\/dp2024.sim-dp.com\/en\/#organization"},"articleSection":["Industry News"],"inLanguage":"en-US","about":{"@id":"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/"},"thumbnailUrl":"https:\/\/dp2024.sim-dp.com\/wp-content\/uploads\/2023\/04\/blog-750x410-2023-04-28.jpg"},{"@type":"WebPage","@id":"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/","url":"https:\/\/dp2024.sim-dp.com\/wp-content\/uploads\/2023\/04\/blog-750x410-2023-04-28.jpg","name":"How to Harden WordPress - Advanced Steps | Dataplugs","isPartOf":{"@id":"https:\/\/dp2024.sim-dp.com\/en\/#website"},"datePublished":"2023-04-28T03:19:00+00:00","dateModified":"2023-04-28T03:21:20+00:00","description":"In the previous article, we talked about the essential steps to harden WordPress. Today, we will present you with more advanced steps to further reduce","breadcrumb":{"@id":"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/"]}],"contentUrl":"https:\/\/dp2024.sim-dp.com\/wp-content\/uploads\/2023\/04\/blog-750x410-2023-04-28.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/dp2024.sim-dp.com\/en\/how-to-harden-wordpress-advanced-steps\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/dp2024.sim-dp.com\/en\/"},{"@type":"ListItem","position":2,"name":"How to Harden WordPress – Advanced Steps"}]},{"@type":"WebSite","@id":"https:\/\/dp2024.sim-dp.com\/en\/#website","url":"https:\/\/dp2024.sim-dp.com\/en\/","name":"Dataplugs","description":"","publisher":{"@id":"https:\/\/dp2024.sim-dp.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dp2024.sim-dp.com\/en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/dp2024.sim-dp.com\/en\/#organization","name":"Dataplugs Limited","url":"https:\/\/dp2024.sim-dp.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dp2024.sim-dp.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/dp2024.sim-dp.com\/wp-content\/uploads\/2021\/09\/logo_en-1.png","contentUrl":"https:\/\/dp2024.sim-dp.com\/wp-content\/uploads\/2021\/09\/logo_en-1.png","width":1,"height":1,"caption":"Dataplugs Limited"},"image":{"@id":"https:\/\/dp2024.sim-dp.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/dataplugs\/","https:\/\/twitter.com\/dataplugs","https:\/\/www.instagram.com\/dataplugs\/","https:\/\/www.linkedin.com\/company\/dataplugs-limited"]},{"@type":"LocalBusiness","@id":"https:\/\/dp2024.sim-dp.com\/en\/#\/schema\/person\/e48945e9052e7ca2a4fdc384c4cb4086","name":"Dataplugs Limited","image":"https:\/\/www.dataplugs.com\/wp-content\/uploads\/2018\/06\/logo_en.png","telephone":"+852 3959 1888","address":{"@type":"PostalAddress","streetAddress":"Suite 3602, 36\/F., AIA Kowloon Tower, 100 How Ming Street, Kwun Tong, Kowloon, Hong Kong","addressLocality":"Hong Kong","addressCountry":"HK"}}]}},"_links":{"self":[{"href":"https:\/\/dp2024.sim-dp.com\/en\/wp-json\/wp\/v2\/posts\/45058"}],"collection":[{"href":"https:\/\/dp2024.sim-dp.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dp2024.sim-dp.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dp2024.sim-dp.com\/en\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/dp2024.sim-dp.com\/en\/wp-json\/wp\/v2\/comments?post=45058"}],"version-history":[{"count":24,"href":"https:\/\/dp2024.sim-dp.com\/en\/wp-json\/wp\/v2\/posts\/45058\/revisions"}],"predecessor-version":[{"id":45086,"href":"https:\/\/dp2024.sim-dp.com\/en\/wp-json\/wp\/v2\/posts\/45058\/revisions\/45086"}],"wp:attachment":[{"href":"https:\/\/dp2024.sim-dp.com\/en\/wp-json\/wp\/v2\/media?parent=45058"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dp2024.sim-dp.com\/en\/wp-json\/wp\/v2\/categories?post=45058"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dp2024.sim-dp.com\/en\/wp-json\/wp\/v2\/tags?post=45058"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}