{"id":6697,"date":"2025-02-03T14:18:41","date_gmt":"2025-02-03T08:48:41","guid":{"rendered":"https:\/\/www.veeble.com\/kb\/?p=6697"},"modified":"2025-04-30T12:23:46","modified_gmt":"2025-04-30T06:53:46","slug":"how-to-improve-wordpress-security","status":"publish","type":"post","link":"https:\/\/www.veeble.com\/kb\/how-to-improve-wordpress-security\/","title":{"rendered":"How to improve WordPress security"},"content":{"rendered":"\n<div class=\"wp-block-uagb-image uagb-block-038a7e5b wp-block-uagb-image--layout-default wp-block-uagb-image--effect-static wp-block-uagb-image--align-none\"><figure class=\"wp-block-uagb-image__figure\"><a class=\"\" href=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-scaled.jpg\" target=\"\" rel=\"noopener\"><img decoding=\"async\" srcset=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-1024x683.jpg ,https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-scaled.jpg 780w, https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-scaled.jpg 360w\" sizes=\"auto, (max-width: 480px) 150px\" src=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-1024x683.jpg\" alt=\"\" class=\"uag-image-6797\" width=\"742\" height=\"495\" title=\"stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash\" loading=\"lazy\" role=\"img\"\/><\/a><\/figure><\/div>\n\n\n\n<p>WordPress is the backbone of most websites online, and thus it&#8217;s the go-to for bloggers, businesses, and developers. But its popularity also makes it a prime target for hackers. Securing your WordPress site is important for protecting your data, users, and reputation. Here are ten essential tips on how to improve WordPress security tailored for cPanel users with access to WordPress management tools. If you are looking for affordable WordPress hosting solutions, try checking out <a href=\"https:\/\/www.veeble.com\/in\/managed-wordpress\/\" target=\"_blank\" rel=\"noreferrer noopener\">Veeble hosting<\/a>.<\/p>\n\n\n\t\t\t\t<div class=\"wp-block-uagb-table-of-contents uagb-toc__align-left uagb-toc__columns-1  uagb-block-3a6c5f17      \"\n\t\t\t\t\tdata-scroll= \"1\"\n\t\t\t\t\tdata-offset= \"30\"\n\t\t\t\t\tstyle=\"\"\n\t\t\t\t>\n\t\t\t\t<div class=\"uagb-toc__wrap\">\n\t\t\t\t\t\t<div class=\"uagb-toc__title\">\n\t\t\t\t\t\t\tTable Of Contents\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"uagb-toc__list-wrap \">\n\t\t\t\t\t\t<ol class=\"uagb-toc__list\"><li class=\"uagb-toc__list\"><a href=\"#1-update-your-site\" class=\"uagb-toc-link__trigger\">1. Update your Site<\/a><li class=\"uagb-toc__list\"><a href=\"#2-enable-a-safelist-and-blocklist-for-the-admin-page\" class=\"uagb-toc-link__trigger\">2. Enable a Safelist and Blocklist for the Admin   Page<\/a><li class=\"uagb-toc__list\"><a href=\"#3-use-trusted-wordpress-themes\" class=\"uagb-toc-link__trigger\">3. Use Trusted WordPress Themes<\/a><li class=\"uagb-toc__list\"><a href=\"#4-install-an-ssl-certificate\" class=\"uagb-toc-link__trigger\">4. Install an SSL Certificate<\/a><li class=\"uagb-toc__list\"><a href=\"#5-two-factor-authentication-2fa\" class=\"uagb-toc-link__trigger\">5. Two-Factor Authentication (2FA)<\/a><li class=\"uagb-toc__list\"><a href=\"#6-regular-backups\" class=\"uagb-toc-link__trigger\">6. Regular Backups<\/a><li class=\"uagb-toc__list\"><a href=\"#7-regularly-scan-your-site-for-malware\" class=\"uagb-toc-link__trigger\">7. Regularly Scan Your Site for Malware<\/a><li class=\"uagb-toc__list\"><a href=\"#8-disable-file-editing\" class=\"uagb-toc-link__trigger\">8. Disable File Editing<\/a><li class=\"uagb-toc__list\"><a href=\"#9-hide-wordpress-version\" class=\"uagb-toc-link__trigger\">9. Hide WordPress Version<\/a><li class=\"uagb-toc__list\"><a href=\"#10-block-hotlinking-from-other-websites\" class=\"uagb-toc-link__trigger\">10. Block Hotlinking from Other Websites<\/a><li class=\"uagb-toc__list\"><a href=\"#conclusion\" class=\"uagb-toc-link__trigger\">Conclusion<\/a><ul class=\"uagb-toc__list\"><li class=\"uagb-toc__list\"><a href=\"#secure-windows-hosting-with-ssl\" class=\"uagb-toc-link__trigger\">Secure Windows Hosting with SSL<\/a><\/ul><\/ol>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-12459a36\"><h2 class=\"uagb-heading-text\">1. Update your Site <\/h2><\/div>\n\n\n\n<p class=\"has-text-align-left\">Using cPanel&#8217;s WordPress Manager, you can quickly keep your WordPress core, themes, and plugins updated. With the WordPress Toolkit in cPanel, you can enable automated updates for all the components, thereby ensuring that your site is kept secure against any known vulnerabilities.<\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-13e85716\"><h2 class=\"uagb-heading-text\"><strong>2. Enable a Safelist and Blocklist for the Admin   Page<\/strong> <\/h2><\/div>\n\n\n\n<p>Restrict access to your WordPress admin page (wp-admin) using IP restrictions available in cPanel. Navigate to the &#8220;IP Blocker&#8221; tool to block unauthorized IP addresses. Alternatively, configure .htaccess rules in the File Manager to safelist specific IPs for accessing your admin page.<\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-25263bb3\"><h2 class=\"uagb-heading-text\"><strong>3. Use Trusted WordPress Themes<\/strong><\/h2><\/div>\n\n\n\n<p>Only download themes from trusted sources via the WordPress Manager in cPanel. You can upload certified themes directly via the WordPress Toolkit or the File Manager. You should avoid downloading from third-party sites that are not well known or reputable.<\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-591b65ea\"><h2 class=\"uagb-heading-text\"><strong>4. Install an SSL Certificate<\/strong><\/h2><\/div>\n\n\n\n<p>Installing an SSL certificate through cPanel is a simple process. You can use the &#8220;SSL\/TLS&#8221; tool or the &#8220;Let&#8217;s Encrypt SSL&#8221; feature to secure your website with HTTPS. Additionally, you can explore <a href=\"https:\/\/www.veeble.com\/in\/ssl\/\" target=\"_blank\" rel=\"noreferrer noopener\">Veeble&#8217;s SSL certificate options available on our website<\/a>. After the SSL is installed, you can enforce HTTPS redirection using the WordPress Toolkit or by editing the .htaccess file.<\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-d4c5b6a0\"><h2 class=\"uagb-heading-text\"><strong>5. Two-Factor Authentication (2FA)<\/strong><\/h2><\/div>\n\n\n\n<p>Many of the WordPress management tools that come bundled with cPanel support security plugins for implementing two-factor authentication. Use security plugins like <a href=\"https:\/\/support.google.com\/accounts\/answer\/1066447?hl=en&amp;co=GENIE.Platform%3DAndroid\" target=\"_blank\" rel=\"noopener\">Google Authenticator<\/a> to set up 2FA using the WordPress Manager in cPanel, which helps secure the login process. <\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-eff628dc\"><h2 class=\"uagb-heading-text\"><strong>6. Regular Backups<\/strong><\/h2><\/div>\n\n\n\n<p>cPanel provides you with backup options such as &#8220;Backup Wizard&#8221;  to back up your WordPress site. Set up automatic backups of files and databases so that you can recover your site in case of a security breach.<\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-a96295eb\"><h2 class=\"uagb-heading-text\"><strong>7. Regularly Scan Your Site for Malware<\/strong><\/h2><\/div>\n\n\n\n<p>cPanel includes ImunifyAV as a standard malware protection tool, helping detect potentially malicious files on your website. However, upgrading to Imunify360 provides enhanced security with features and seamless backup integration. These advanced protections help prevent attacks before they happen, ensuring your site remains secure. For WordPress users, <a href=\"https:\/\/www.veeble.com\/in\/managed-wordpress\/\">Veeble\u2019s hosting plans<\/a> come with Imunify360 as standard to safeguard your website from threats in real time. <\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-5083d949\"><h2 class=\"uagb-heading-text\"><strong>8. Disable File Editing<\/strong><\/h2><\/div>\n\n\n\n<p>To prevent unauthorized changes to your theme or plugin files, disable file editing using the WordPress Toolkit in cPanel. Alternatively, edit the wp-config.php file directly in the File Manager and add the following line:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><strong>define('DISALLOW_FILE_EDIT', true);<\/strong>     <strong>\/\/ Disable file editing<\/strong><\/code><\/pre>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-034f3c03\"><h2 class=\"uagb-heading-text\"><strong>9. Hide WordPress Version<\/strong><\/h2><\/div>\n\n\n\n<p>Hide your WordPress version to minimize exposure to targeted attacks. Many security plugins available through cPanel&#8217;s WordPress Manager include options to hide your WordPress version. Alternatively, you can add this code to your theme&#8217;s functions.php file:<\/p>\n\n\n\n<p><strong>\/\/ Remove WordPress version<\/strong><\/p>\n\n\n\n<p><strong>remove_action(&#8216;wp_head&#8217;, &#8216;wp_generator&#8217;);<\/strong><\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-cba78611\"><h2 class=\"uagb-heading-text\"><strong>10. Block Hotlinking from Other Websites<\/strong><\/h2><\/div>\n\n\n\n<p>Prevent other websites from consuming your bandwidth by blocking hotlinking. The &#8220;Hotlink Protection&#8221; feature in cPanel will also prevent direct linking to your images. This tool allows you to specify domains that can use your site&#8217;s resources.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-07-101254.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"340\" src=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-07-101254-1024x340.jpg\" alt=\"\" class=\"wp-image-6947\" srcset=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-07-101254-1024x340.jpg 1024w, https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-07-101254-300x100.jpg 300w, https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-07-101254-768x255.jpg 768w, https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-07-101254.jpg 1468w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n\n\n\n<div class=\"wp-block-uagb-image uagb-block-ea2a6068 wp-block-uagb-image--layout-default wp-block-uagb-image--effect-static wp-block-uagb-image--align-none\"><figure class=\"wp-block-uagb-image__figure\"><a class=\"\" href=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-07-101447.png\" target=\"\" rel=\"noopener\"><img decoding=\"async\" srcset=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-07-101447-1024x239.png ,https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-07-101447.png 780w, https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-07-101447.png 360w\" sizes=\"auto, (max-width: 480px) 150px\" src=\"https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/02\/Screenshot-2025-02-07-101447-1024x239.png\" alt=\"\" class=\"uag-image-6948\" width=\"1576\" height=\"368\" title=\"Screenshot 2025-02-07 101447\" loading=\"lazy\" role=\"img\"\/><\/a><\/figure><\/div>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-8303c067\"><h2 class=\"uagb-heading-text\"><strong>Conclusion<\/strong><\/h2><\/div>\n\n\n\n<p>Secure your WordPress site using the management tools of cPanel to provide a quick and effective way of having strong protection. The following ten steps will help minimize the risk of security breaches and give your users a safe browsing experience. Remember, vigilance is the watchword for a secure website.<\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-uagb-call-to-action uagb-block-ec339f42 wp-block-button\"><div class=\"uagb-cta__wrap\"><h3 class=\"uagb-cta__title\">Secure Windows Hosting with SSL<\/h3><p class=\"uagb-cta__desc\">Protect your site and visitors with our secure Windows hosting, including free SSL certificates. Reliable and safe!<\/p><\/div><div class=\"uagb-cta__buttons\"><a href=\"https:\/\/www.veeble.com\/in\/windows-hosting\/\" class=\"uagb-cta__button-link-wrapper wp-block-button__link\" target=\"_blank\" rel=\"noopener noreferrer\">Start Hosting<svg xmlns=\"https:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 512 512\"><path d=\"M504.3 273.6l-112.1 104c-6.992 6.484-17.18 8.218-25.94 4.406c-8.758-3.812-14.42-12.45-14.42-21.1L351.9 288H32C14.33 288 .0002 273.7 .0002 255.1S14.33 224 32 224h319.9l0-72c0-9.547 5.66-18.19 14.42-22c8.754-3.809 18.95-2.075 25.94 4.41l112.1 104C514.6 247.9 514.6 264.1 504.3 273.6z\"><\/path><\/svg><\/a><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>WordPress is the backbone of most websites online, and thus it&#8217;s the go-to for bloggers, businesses, and developers. But its popularity also makes it [&hellip;]<\/p>\n","protected":false},"author":14,"featured_media":6797,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[29],"tags":[],"class_list":["post-6697","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-wordpress"],"uagb_featured_image_src":{"full":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-scaled.jpg",2560,1707,false],"thumbnail":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-150x150.jpg",150,150,true],"medium":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-300x200.jpg",300,200,true],"medium_large":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-768x512.jpg",768,512,true],"large":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-1024x683.jpg",1024,683,true],"1536x1536":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-1536x1024.jpg",1536,1024,true],"2048x2048":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2025\/01\/stephen-phillips-hostreviews-co-uk-zs98a0DtKL4-unsplash-2048x1365.jpg",2048,1365,true]},"uagb_author_info":{"display_name":"Jeevan Kurian","author_link":"https:\/\/www.veeble.com\/kb\/author\/jeevan\/"},"uagb_comment_info":0,"uagb_excerpt":"WordPress is the backbone of most websites online, and thus it&#8217;s the go-to for bloggers, businesses, and developers. But its popularity also makes it [&hellip;]","_links":{"self":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/6697","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/comments?post=6697"}],"version-history":[{"count":12,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/6697\/revisions"}],"predecessor-version":[{"id":8805,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/6697\/revisions\/8805"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/media\/6797"}],"wp:attachment":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/media?parent=6697"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/categories?post=6697"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/tags?post=6697"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}