Join Jeff Starr for an in-depth discussion in this video Protect the installation page, part of WordPress: Developing Secure Sites .
- [Narrator] In this video, you'll see how to…protect the WordPress installation file…using a variety of different methods.…Protecting the installation file is important…because if things go wrong on the server,…it could be used by an attacker to gain access to your site.…Here we are looking at the WordPress install.php file,…which is located in the wp-admin directory.…This file is used when installing WordPress…and should be removed or protected…after the installation process is complete.…There are three different ways to do this.…
Method 1, we can simply delete the file…after installing WordPress.…Method 2, we can deny access to the file using htaccess…or Method 3, we can replace the file…with something more useful.…Any of these methods takes only a minute…and works just fine.…Let's run through each of them.…Method 1, delete the file.…The first method is to just delete the file from the server.…There is no reason to keep it after WordPress is installed.…The only real downside to this approach is…that WordPress may replace the missing file…
Author
Jeff Starr
Released
9/16/2016- Backing up and restoring your site
- Setting up strong passwords
- Understanding users and roles
- Choosing trusted plugins and themes
- Changing and recovering passwords
- Configuring authentication keys
- Securing the login page
- Fighting spam in the comments
- Blocking access and detecting hacks
- Building a firewall for WordPress
- Detecting and blocking bots
- Auditing your WordPress security
Skill Level Intermediate
Duration
Views
-
Introduction
-
Welcome1m 3s
-
Using the exercise files2m 14s
-
-
1. Getting Started
-
Back up your site4m 6s
-
Restore your site5m 36s
-
Keep your site up to date4m 37s
-
-
2. Security Essentials
-
Implement strong passwords4m 28s
-
Understand users and roles3m 29s
-
Change and recover passwords3m 30s
-
Disable user registration2m 41s
-
-
3. Hardening WordPress
-
Prevent directory listings3m 59s
-
Remove version numbers3m 47s
-
Disable error display3m 7s
-
4. Improving Security with Plugins
-
Fight comment spam3m 25s
-
Secure your login page4m 34s
-
Stop user enumeration4m 50s
-
Monitor admin users4m 19s
-
Implement a firewall3m 6s
-
Block access6m 5s
-
Detect hacks7m 47s
-
-
5. Advanced Tips and Tricks
-
Stop file hotlinking4m 18s
-
Stop automated spam2m 32s
-
Control proxy access4m 21s
-
Control admin access4m 59s
-
-
6. Applying Best Practices
-
Choose a good host6m 16s
-
Further security techniques6m 55s
-
Conclusion
-
Next steps2m 9s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Protect the installation page