This tutorial will cover secure ways to set up your WordPress site with Security Parameters and plugin recommendations. Keep in mind, this setup does not guarantee the site will be fully Secure. We highly recommend that you update plugins regularly and update admin passwords with complexity regularly.
- Create a Sub-folder Directory. Please avoid using the Default WordPress Folder Directory.
- Fill out the rest of Fields to set up WordPress. (Please use a complex password for Security)
- Please avoid using the Default Table Prefix WP and create a simple Table Prefix.
- Head over to http://yourdomain.tld/subfolder and Complete the installation.
Ensure that you are on the root directory of your site and then click on settings.
Head over to the sub directory that the WordPress installation was installed.
Move the file over to the root directory
Now that those files have been moved over. Select and edit the index.php file.
Then add the sub directory name as show below and then save the file.
require( dirname( FILE ) . ‘/mysite/wp-blog-header.php’ );
Login to the WordPress Dashboard. http://your-domain-name.tld/sub-directory/wp-login.php
Remove the sub directory from Site Address (URL)
This pretty much finalizes the the extensive install. However, we also recommend that you install the following plugins for security.
WordPress Plugins Recommendations
- Force Strong Passwords
- WPS Hide Login (do not make it a guessable URL!)
- A two factor authentication login – miniorange is a good one.
- Wordfence