Atlassian uses cookies to improve your browsing experience, perform analytics and research, and conduct advertising. Accept all cookies to indicate that you agree to our use of cookies on your device. Atlassian cookies and tracking notice, (opens new window)
Documentation
Results will update as you type.
  • Application Hosting
  • Business Voice
  • Residential Internet
  • Residential Voice
  • Web Hosting
    • Access Logs
    • Databases
    • Web Hosting DNS
    • Domain Management
    • Email
    • File Management
    • Security
    • Wordpress
      • How to Add a Post in WordPress
      • How to Change a Theme in WordPress
      • How to Change Your WordPress Password
      • How to Create a New Page in WordPress
      • How to Create a New WordPress User
      • How to Customize Your Theme
      • How to Display Social Media Links on Your WordPress Site
      • How to Identify What Database is Assigned to Which WordPress Site From cPanel
      • How to Install a Plugin
      • How to Install WordPress using WP-Toolkit
      • How to Login to Your WordPress Dashboard
      • How to Make Updates in WordPress
      • How to Manually Install WordPress
      • How to Password Protect a WordPress Page or Post
      • How to Reset Your WordPress Password From cPanel
      • How to Resize Images in Your WordPress Media Library
      • Suggested Plugins for every WordPress Site
      • Troubleshooting the White Screen of Death Error in WordPress
      • Understanding the WordPress Dashboard
      • WordPress Security
    • How to Login to cPanel
    • How to reset your cPanel Password
  • Zimbra
  • Support Portal
  • Colocation
    You‘re viewing this with anonymous access, so some content might be blocked.
    /
    WordPress Security
    Published Jul 30, 2024

      WordPress Security

      If you are using WordPress, then you need to be aware that improper use of the WordPress software can leave you vulnerable to unscrupulous hackers. Once a hacker gains control of your website, he can add links, change content, change passwords, and even use your site as a spam engine, sending tens of thousands of spam email--and ultimately blacklisting your domain.

      You can increase the security of your website by following the security measures listed below. If you have any questions concerning any of these suggestions, please, contact one of our support engineers at Voonami. We will be happy to assist you.

      1. Install the All In One Wp Security Plugin
        The All In One WP Security plugin is an easy way to quickly asses and manage your site’s security. It is any easy plugin to use. Once installed, a WP Security link will appear in the WordPress main menu. Taking the time to check each of the items in the WP Security menu will vastly increase your site’s overall security.

      NOTE: Some items suggest backing-up your website before making a security improvement. Make sure to back up your website when the product suggests you do so first.

      1. Install the BackWPUp Plugin
        The BackWPUp plugin is an easy way to create—and even schedule—backups of your website. You should be backing-up your site regularly depending on how often you add new content to your site.
            In some cases, a complete recovery of your site may be your only option.

      2. Select Strong Usernames and Passwords
        When you create accounts for WordPress, do not use “admin” as a username. Furthermore, select a strong password. You can use a site like http://passwordsgenerator.net/  to help you generate a password.
           Yes, these passwords are difficult to remember. That also means they are more difficult to hack.
           Lastly, do not use the same username and password combination for multiple sites.

      3. Keep WordPress Up to Date
        Make sure to update your install of WordPress whenever it is available. WordPress is constantly working to plug holes and strengthen the security of their software. These changes are released as updates. If you login and see that your software can be updated, update it.

      NOTE: Updating your software may possibly affect custom coding changes you have made or possibly affect the functionality of any plugins you are using. It is always wise to backup your site before updating.

      1. Use Plugins Carefully
        Use only validated plugins--plugins that appear within the WordPress plugin search and that have a large number of users. Also, do a search for "plugin-name review" and see what people are saying. Do not blindly add any plugin--it would be the ultimate Trojan horse. Do your research. 
           Lastly, remember to keep plugins up to date and to delete any plugins that you are not currently using.

      2. Robots.txt
        Use the following code for the robots.txt file. It will prevent search engine bots from cataloging important WordPress files that pose security risks.:

      User-agent: *

      Disallow: /cgi-bin
      Disallow: /wp-admin
      Disallow: /wp-includes
      Disallow: /wp-content/plugins
      Disallow: /wp-content/cache
      Disallow: /wp-content/themes
      Disallow: /trackback
      Disallow: /feed
      Disallow: /comments
      Disallow: /category/*/*
      Disallow: */trackback
      Disallow: */feed
      Disallow: */comments
      Disallow: /*?*
      Disallow: /*?
      Allow: /wp-content/uploads

      1. Additional Resources
        The following link includes a few other resources you may want to consider:

      10 WordPress Plugins to Harden Website's Security

      Hardening WordPress – Advanced Administration Handbook | Developer.WordPress.org

      {"serverDuration": 61, "requestCorrelationId": "debab8bcfba14246b7522249ed5ff329"}