WordPress

This tutorial will cover secure ways to set up your WordPress site with Security Parameters and plugin recommendations. Keep in mind, this setup does not guarantee the site will be fully Secure. We highly recommend that you update plugins regularly and update admin passwords with complexity regularly.

Click on the WordPress Manger
New Site
1) Create a Sub folder Directory. Please avoid using the Default WordPress Folder Directory.

  1. Create a Sub-folder Directory. Please avoid using the Default WordPress Folder Directory.
  2. Fill out the rest of Fields to set up WordPress. (Please use a complex password for Security)
  3. Please avoid using the Default Table Prefix WP and create a simple Table Prefix.
  4. Head over to http://yourdomain.tld/subfolder and Complete the installation.  

Ensure that you are on the root directory of your site and then click on settings.

Enable the Show Hidden File(dotfiles)

Head over to the sub directory that the WordPress installation was installed.

And then select the .htaccess and the index.php file.

 

Move the file over to the root directory

Now that those files have been moved over. Select and edit the index.php file.

Find require( dirname( FILE ) . ‘/wp-blog-header.php’ );

Then add the sub directory name as show below and then save the file.

require( dirname( FILE ) . ‘/mysite/wp-blog-header.php’ );

Login to the WordPress Dashboard. http://your-domain-name.tld/sub-directory/wp-login.php

Remove the sub directory from Site Address (URL)

This pretty much finalizes the the extensive install. However, we also recommend that you install the following plugins for security.

WordPress Plugins Recommendations

  1. Force Strong Passwords​
  2. WPS Hide Login (do not make it a guessable URL!)
  3. A two factor authentication login – miniorange is a good one.
  4. Wordfence