Rate this article :
This article was useful to you ?
Yes
No
Vous avez noté 0 étoile(s)
Sommaire
Procédure
Securing your website is a top priority for all website owners. At LWS, we offer a simple yet powerful solution for managing the security of your WordPress site: WP Manager. In this article, we'll go over the different security options you can configure with WP Manager.
First, you need to log in to your LWS account and access the shared hosting where you want to manage the installed WordPress instances.
Then click on"WP Manager" in the"Software" section of your web hosting.
Then click on the"Manage" button for the site whose security you wish to manage.
Once you are in the WordPress installation management, click on the"Security" tab to view the list of security features that can be configured on your WordPress instance:
The general security settings in WP Manager allow you to optimize the operation of your site while improving its security. Here are the options you can set:
LWS WP Manager gives you access to a series of htaccess rules and other advanced security measures to ensure optimum protection of your WordPress site.
WP Manager offers 3 pre-configured security levels, details of which can be found below:
Security parameter |
Level 1 (basic security) |
Level 2 (Recommended) |
Level 3 (Paranoid mode) |
Using WordPress Crons | ✔ | ✔ | ✔ |
Visibility on search engines | |||
Debug mode | |||
Force https | ✔ | ✔ | ✔ |
Restrict access to files and folders | ✔ | ✔ | ✔ |
Deactivate the listing of files in folders without an index | ✔ | ✔ | ✔ |
Block unauthorised access to the xmlrpc.php file | ✔ | ✔ | ✔ |
Block downloading of .sql files | ✔ | ✔ | ✔ |
Block access to readme and license files | ✔ | ✔ | ✔ |
Block access to .htaccess and .htpasswd files | ✔ | ✔ | |
Disable pingbacks | ✔ | ||
Disable file editing in the WordPress dashboard | ✔ | ✔ | |
Hide author ID | ✔ | ✔ | |
Prohibit the execution of PHP scripts in the wp-content/uploads directory | ✔ | ✔ | |
Disable script concatenation for the WordPress admin panel | ✔ | ||
Block access to the comment page for browsers without UserAgent or Referer | ✔ | ||
Block access to sensitive files | ✔ | ||
Enable protection against robots | ✔ | ✔ |
The "custom" security level allows you to enable or disable the settings of your choice.
Once you have accessed the list of security features, click on the slider on the line of the feature you wish to enable or disable.
If the slider is grey, then the feature is inactive. Conversely, if the slider is green, then the feature is currently active.
A WordPress integrity scan is a process that checks the integrity of the files in your WordPress installation. Essentially, it is a check of the structure and integrity of the main WordPress files, such as the WordPress core files, themes and installed plugins.
The main purpose of a WordPress integrity scan is to detect unwanted changes or corrupted files that could compromise the security or proper functioning of your website. This could include malicious files added by hackers, unauthorised modifications to the WordPress source code or accidental alterations that could occur during updates or plugin installations.
The WordPress integrity scan compares the files in your installation with a reference of the original files. If a difference is detected, this may indicate an unauthorised alteration or modification. In this case, you can take steps to resolve the problem, such as deleting the malicious files or restoring the original files from a backup.
In summary, a WordPress integrity scan is a verification process that ensures that the files in your WordPress installation have not been altered in any undesirable way, thus guaranteeing the security and integrity of your website.
The Change the salts of the WordPress configuration file button allows you to update the 4 unique authentication keys which encrypt the passwords in the wp-config.php file, which is located at the root of your site, on your FTP space.
But what are the 4 unique authentication keys?
The keys are generated automatically when WordPress is installed and are stored both in the database and in the wp-config.php configuration file.
In simpler terms, a secret key is a password with elements that make it more complicated to break through security barriers. Consequently, a password such as "password" or "try" is far too simple and too easy to find. A combination such as "88A7DA62429BA6AD3CB3C76A" is very difficult to crack.
You now know how to :
🛡️ Thanks to this article, you are now equipped to keep your WordPress site secure with disconcerting ease. Remember, prevention is the best defence against online threats!
✨ We hope this information helps you make the most of WP Manager's potential and ensure optimal protection for your WordPress site.
🙏 Thank you for taking the time to read this article. Please feel free to share your experiences or ask any questions you may have by leaving a comment below. Your feedback is valuable and helps us to continually improve our service.
Rate this article :
This article was useful to you ?
Yes
No
1mn reading
How do I search for Wordpress installations on my hosting?
1mn reading
How do I manage Wordpress users with WP Manager?
1mn reading
How do I manage updates to my Wordpress site using WP Manager?
1mn reading
How do I manage extensions and plugins with WP Manager?