WordPress Security: How to Secure & Protect WordPress (2024 Guide)

<!DOCTYPE html> <html lang="en-US"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, viewport-fit=cover" /> <meta name='robots' content='index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1' />  <title>WordPress Security: How to Secure & Protect WordPress (2024 Guide)</title> <meta name="description" content="Learn how to secure and harden your WordPress site with best practices, tips, instructions and plugins to protect your WP site from attacks and hackers." /> <link rel="canonical" href="https://sucuri.net/guides/wordpress-security/" /> <meta property="og:locale" content="en_US" /> <meta property="og:type" content="article" /> <meta property="og:title" content="WordPress Security Guide" /> <meta property="og:description" content="Learn how to secure and harden your WordPress site with best practices, tips, instructions and plugins to protect your WP site from attacks and hackers." /> <meta property="og:url" content="https://sucuri.net/guides/wordpress-security/" /> <meta property="og:site_name" content="Sucuri" /> <meta property="article:publisher" content="https://www.facebook.com/SucuriSecurity" /> <meta property="article:modified_time" content="2024-04-24T22:30:31+00:00" /> <meta property="og:image" content="https://sucuri.net/wp-content/uploads/2023/02/2022_Sucuri_Guide_Wordpress-Security-Guide.png" /> <meta property="og:image:width" content="2048" /> <meta property="og:image:height" content="962" /> <meta property="og:image:type" content="image/png" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:site" content="@sucurisecurity" /> <meta name="twitter:label1" content="Est. reading time" /> <meta name="twitter:data1" content="31 minutes" />  <link rel='dns-prefetch' href='//cdn.jsdelivr.net' /> <link rel='dns-prefetch' href='//cdnjs.cloudflare.com' /> <link rel="alternate" type="application/rss+xml" title="Sucuri » Feed" href="https://sucuri.net/feed/" /> <link rel="alternate" type="application/rss+xml" title="Sucuri » Comments Feed" href="https://sucuri.net/comments/feed/" /> <script type="text/javascript"> /* <![CDATA[ */ window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/sucuri.net\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.6.2"}}; /*! This file is auto-generated */ !function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83d\udc26\u200d\u2b1b","\ud83d\udc26\u200b\u2b1b")}return!1}function f(e,t,n){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings); /* ]]> */ </script> <style id='wp-emoji-styles-inline-css' type='text/css'> img.wp-smiley, img.emoji { display: inline !important; border: none !important; box-shadow: none !important; height: 1em !important; width: 1em !important; margin: 0 0.07em !important; vertical-align: -0.1em !important; background: none !important; padding: 0 !important; } </style> <link rel='stylesheet' id='wp-components-css' href='https://sucuri.net/wp-includes/css/dist/components/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='wp-preferences-css' href='https://sucuri.net/wp-includes/css/dist/preferences/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='wp-block-editor-css' href='https://sucuri.net/wp-includes/css/dist/block-editor/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='wp-reusable-blocks-css' href='https://sucuri.net/wp-includes/css/dist/reusable-blocks/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='wp-patterns-css' href='https://sucuri.net/wp-includes/css/dist/patterns/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='wp-editor-css' href='https://sucuri.net/wp-includes/css/dist/editor/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='sucuri_framework-cgb-style-css-css' href='https://sucuri.net/wp-content/mu-plugins/sucuri-framework/dist/blocks.style.build.css?ver=1645707241' type='text/css' media='all' /> <style id='classic-theme-styles-inline-css' type='text/css'> /*! This file is auto-generated */ .wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none} </style> <style id='global-styles-inline-css' type='text/css'> :root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #fff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--color--green: #12A94B;--wp--preset--color--secondary-green: #41BA6E;--wp--preset--color--tertiary-green: #94D8AD;--wp--preset--color--blue: #2188AB;--wp--preset--color--secondary-blue: #6EB1C8;--wp--preset--color--tertiary-blue: #9AC9D8;--wp--preset--color--teal: #2D7A6D;--wp--preset--color--secondary-teal: #76A8A0;--wp--preset--color--tertiary-teal: A0C3BD;--wp--preset--color--darkblue: #0E406A;--wp--preset--color--secondary-darkblue: #61829D;--wp--preset--color--tertiary-dark-blue: #91A8BB;--wp--preset--color--red: #EA3232;--wp--preset--color--secondary-red: #F17070;--wp--preset--color--tertiary-red: #F5A2A2;--wp--preset--color--yellow: #F6DA23;--wp--preset--color--secondary-yellow: #F9E66F;--wp--preset--color--tertiary-yellow: #FAEE9B;--wp--preset--color--gray: #5D5D5D;--wp--preset--color--secondary-gray: #959595;--wp--preset--color--tertiary-gray: #B5B5B5;--wp--preset--color--form-gray: #D3D3D3;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}:where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;} :where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;} :where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;} :root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;} </style> <link rel='stylesheet' id='slick-css-css' href='https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='sucuriwp-style-css' href='https://sucuri.net/wp-content/themes/sucuriwp/style.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='sucuriwp-theme-css' href='https://sucuri.net/wp-content/themes/sucuriwp/css/style.css?ver=1731466407' type='text/css' media='all' /> <link rel='stylesheet' id='elementor-frontend-css' href='https://sucuri.net/wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1731961065' type='text/css' media='all' /> <link rel='stylesheet' id='widget-image-css' href='https://sucuri.net/wp-content/plugins/elementor/assets/css/widget-image.min.css?ver=3.25.4' type='text/css' media='all' /> <link rel='stylesheet' id='widget-nav-menu-css' href='https://sucuri.net/wp-content/uploads/elementor/css/custom-pro-widget-nav-menu.min.css?ver=1731961065' type='text/css' media='all' /> <link rel='stylesheet' id='swiper-css' href='https://sucuri.net/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6' type='text/css' media='all' /> <link rel='stylesheet' id='e-swiper-css' href='https://sucuri.net/wp-content/plugins/elementor/assets/css/conditionals/e-swiper.min.css?ver=3.25.4' type='text/css' media='all' /> <link rel='stylesheet' id='elementor-post-8778-css' href='https://sucuri.net/wp-content/uploads/elementor/css/post-8778.css?ver=1731961065' type='text/css' media='all' /> <link rel='stylesheet' id='e-popup-style-css' href='https://sucuri.net/wp-content/plugins/elementor-pro/assets/css/conditionals/popup.min.css?ver=3.25.2' type='text/css' media='all' /> <link rel='stylesheet' id='widget-heading-css' href='https://sucuri.net/wp-content/plugins/elementor/assets/css/widget-heading.min.css?ver=3.25.4' type='text/css' media='all' /> <link rel='stylesheet' id='widget-text-editor-css' href='https://sucuri.net/wp-content/plugins/elementor/assets/css/widget-text-editor.min.css?ver=3.25.4' type='text/css' media='all' /> <link rel='stylesheet' id='widget-menu-anchor-css' href='https://sucuri.net/wp-content/plugins/elementor/assets/css/widget-menu-anchor.min.css?ver=3.25.4' type='text/css' media='all' /> <link rel='stylesheet' id='widget-code-highlight-css' href='https://sucuri.net/wp-content/plugins/elementor-pro/assets/css/widget-code-highlight.min.css?ver=3.25.2' type='text/css' media='all' /> <link rel='stylesheet' id='elementor-post-9115-css' href='https://sucuri.net/wp-content/uploads/elementor/css/post-9115.css?ver=1731962927' type='text/css' media='all' /> <link rel='stylesheet' id='elementor-post-10522-css' href='https://sucuri.net/wp-content/uploads/elementor/css/post-10522.css?ver=1731961666' type='text/css' media='all' /> <link rel='stylesheet' id='elementor-post-10539-css' href='https://sucuri.net/wp-content/uploads/elementor/css/post-10539.css?ver=1731961065' type='text/css' media='all' /> <link rel='stylesheet' id='google-fonts-1-css' href='https://fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CTitillium+Web%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.2' type='text/css' media='all' /> <link rel="preconnect" href="https://fonts.gstatic.com/" crossorigin><script type="text/javascript" src="https://sucuri.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1" id="jquery-migrate-js"></script> <link rel="https://api.w.org/" href="https://sucuri.net/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://sucuri.net/wp-json/wp/v2/guides/9115" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://sucuri.net/xmlrpc.php?rsd" /> <link rel='shortlink' href='https://sucuri.net/?p=9115' /> <link rel="alternate" title="oEmbed (JSON)" type="application/json+oembed" href="https://sucuri.net/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fsucuri.net%2Fguides%2Fwordpress-security%2F" /> <link rel="alternate" title="oEmbed (XML)" type="text/xml+oembed" href="https://sucuri.net/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fsucuri.net%2Fguides%2Fwordpress-security%2F&format=xml" /> <script type='text/javascript'>/*<![CDATA[*/(function(n,d,c){d.setTime(d.getTime()+2592000000);c=(new RegExp('[?&]'+n+'=([^&#]*)','i')).exec(window.location.search);if(c=c?c[1]:null)document.cookie=n+'='+c+';expires='+d.toUTCString()+';domain=.sucuri.net;path=/';})('cjevent',new Date());/*]]>*/</script><script src="https://tags.tiqcdn.com/utag/gpl/sucuri/prod/utag.sync.js"></script><script type="application/ld+json"> { "@context": "https://schema.org", "@type": "HowTo", "name": "How to Secure a WordPress Site", "step": [{ "@type": "HowToStep", "name": "Patch WordPress Software Vulnerabilities", "text": "The WordPress security team works diligently to provide important security updates and vulnerability patches. However, the use of third-party plugins and themes and other website software exposes users to additional security threats. By regularly installing the latest versions of core WordPress files and extensions, you can ensure that your website possesses all of the prevailing security patches and your WordPress site is more secure.", "url": "https://sucuri.net/guides/wordpress-security/#Step-1" }, { "@type": "HowToStep", "name": "Limit Access to Your WordPress Site", "text": "Attackers frequently exploit weak user credentials to obtain access to WordPress websites. Locking down your WP Admin access can prevent hacking and secure your WordPress site. By default WordPress does not limit access to the login page of your admin panel which renders it particularly vulnerable to brute-force attacks. Restricting access to this page is one of the most effective things you can do to help secure your website and reduce risk.", "url": "https://sucuri.net/guides/wordpress-security/#Step-2" }, { "@type": "HowToStep", "name": "Set Up WordPress Monitoring & Detection", "text": "In the field of Information Security (InfoSec) we like to use the phrase defense in depth. To appreciate this ideology, you have to subscribe to a very simple principle: There is no 100% complete solution capable of protecting any environment. In this section, we’ve listed a number of solutions you can employ on your WordPress website to provide an effective defense in depth strategy. By layering these defensive controls, you’ll be able to identify and mitigate attacks against your website.", "url": "https://sucuri.net/guides/wordpress-security/#Step-3" }, { "@type": "HowToStep", "name": "Harden Your WordPress Site", "text": "The .htaccess file is what most vendors will modify when they say they are hardening your WordPress environment. This critical configuration file is specific for web servers running on Apache. If you’re running your WordPress instance on a LAMP stack using Apache, then we recommend hardening your site by updating your .htaccess file with the following rules.", "url": "https://sucuri.net/guides/wordpress-security/#Step-5" }, { "@type": "HowToStep", "name": "Protect WordPress With a Firewall", "text": "One of the easiest ways to protect your WordPress website from hackers is to employ the use of a Web Application Firewall (WAF) like the Sucuri Firewall. Website firewalls work to identify, filter, and block malicious traffic from reaching your site. All HTTP/HTTPS traffic is inspected. If a malicious bot or hacker tool attempts an attack, the website firewall blocks it automatically to protect your WordPress website before it even reaches your server.", "url": "https://sucuri.net/guides/wordpress-security/#Step-5" }, { "@type": "HowToStep", "name": "Implement SSL & HTTPS", "text": "SSL certificates has become imperative for WordPress in recent years, not only for securely transmitting information to and from your website, but also to increase visibility and rankings. At a basic level, SSL allows a website to be accessed over HTTPS, which encrypts the data sent between visitors and web servers to keep it safe. Since 2014, SSL has been a ranking signal for SEO and Google has now started to flag non-HTTPS websites that transmit password and credit card data.", "url": "https://sucuri.net/guides/wordpress-security/#Step-6" }] } </script> <script type="application/ld+json"> { "@context": "https://schema.org", "@type": "FAQPage", "mainEntity": [{ "@type": "Question", "name": "Is WordPress secure?", "acceptedAnswer": { "@type": "Answer", "text": "The question of whether WordPress is secure or not depends entirely on your website configuration and how closely you follow <a href='https://sucuri.net/guides/wordpress-security/#prowps'>WordPress security best practices</a>. Website security is about risk reduction. By following security best practices and employing a <a href='https://sucuri.net/website-firewall/wordpress-firewall/'>web application firewall</a>, you can harden and protect your website from threats and known vulnerabilities." } }, { "@type": "Question", "name": "How do I increase WordPress security?", "acceptedAnswer": { "@type": "Answer", "text": "WordPress website owners can increase their security by practicing strong password security and access control. You should keep all software and third-party components up to date with the latest security patches to prevent vulnerabilities, and employ proactive WordPress security principles for an effective defense strategy. We also encourage website owners to prevent attacks and protect their WordPress websites from hackers with a <a href='https://sucuri.net/website-firewall/wordpress-firewall'/>web application firewall (WAF)</a> that automatically blocks website attacks and hack" } }, { "@type": "Question", "name": "What WordPress plugins should I use?", "acceptedAnswer": { "@type": "Answer", "text": "The <a href='https://sucuri.net/wordpress-security-plugin/'>Sucuri Security WordPress plugin</a> offers a variety of helpful security features, including activity auditing, file integrity monitoring, remote malware scanning, and blocklist monitoring to identify and protect your website from threats. Other useful plugins include backup, auditing, and utility plugins which address a variety of security functions." } }, { "@type": "Question", "name": "How can I protect my WordPress site from malware?", "acceptedAnswer": { "@type": "Answer", "text": "One of the easiest ways to protect your WordPress website from hackers is to employ the use of a <a href='https://sucuri.net/website-firewall/wordpress-firewall/'>web application firewall (WAF)</a>, which can block malicious traffic from ever reaching your server." } }, { "@type": "Question", "name": "How do I remove malware from my WordPress site?", "acceptedAnswer": { "@type": "Answer", "text":"We've put together a helpful guide on how to clean a WordPress hack to help website owners walk through the process of identifying and cleaning up malware from a compromised website. This guide also includes <a href='https://sucuri.net/website-security/what-to-do-after-a-website-hack/'>post-hack instructions</a> to help you protect your site from future infections. If you need assistance, our security analysts are here to help. We remove malware from thousands of WordPress websites every week."} } , { "@type": "Question", "name": "How do I secure my WordPress site with HTTPS?", "acceptedAnswer": { "@type": "Answer", "text": "SSL certificates do not protect your website, but they help defend data in transit between the host (web server or firewall) and the client (web browser). SSL works as a barrier to prevent data visibility or modification by intruders. To install an SSL certificate on a WordPress website, you'll need to either purchase one from a certificate authority, such as GoDaddy, or use a free certificate from Let's Encrypt. We've written an extensive guide that instructs you on <a href='https://sucuri.net/guides/how-to-install-ssl-certificate/'>how to add a Let's Encrypt SSL certificate</a> to your WordPress website and encrypt its data with HTTPS. Sucuri offers free SSL on the firewall to ensure that visitors reach your website via HTTPS by default." } }] } </script> <meta name="generator" content="performance-lab 3.5.1; plugins: "> <meta name="generator" content="Elementor 3.25.4; features: e_font_icon_svg, additional_custom_breakpoints, e_optimized_control_loading; settings: css_print_method-external, google_font-enabled, font_display-swap"> <style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style> <style> .e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload), .e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload) * { background-image: none !important; } @media screen and (max-height: 1024px) { .e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload), .e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload) * { background-image: none !important; } } @media screen and (max-height: 640px) { .e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload), .e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload) * { background-image: none !important; } } </style> <link rel="icon" href="https://sucuri.net/wp-content/uploads/2022/02/cropped-Sucuri_FavIcon_512x512-1-32x32.png" sizes="32x32" /> <link rel="icon" href="https://sucuri.net/wp-content/uploads/2022/02/cropped-Sucuri_FavIcon_512x512-1-192x192.png" sizes="192x192" /> <link rel="apple-touch-icon" href="https://sucuri.net/wp-content/uploads/2022/02/cropped-Sucuri_FavIcon_512x512-1-180x180.png" /> <meta name="msapplication-TileImage" content="https://sucuri.net/wp-content/uploads/2022/02/cropped-Sucuri_FavIcon_512x512-1-270x270.png" /> <style type="text/css" id="wp-custom-css"> a{ color: #028673; } .sucuri-widget-hero-internal-revamp-section.parent .wrapper{ justify-content: flex-end; } p.priceText.spacerContentNeg { padding-top: 0px; } .btn-primary{ color: #fff; background-color: #028673; border-color: #028673; } .hero-nav{ z-index: 99 !important; } .cookie-policy-banner p { color: #028673 !important; } #no-underline p a{ text-decoration: none !important; } body, a:visited, p, select, textarea{ font-size: 16px; } .elementor-widget-text-editor ol, .elementor-widget-text-editor ul { margin-left: 0; padding-left: revert; } footer li a:hover{ color: #26ba9e !important; } .elementor-widget-text-editor .elementor-widget-container h1{ font-weight: 700 !important; font-size: 50px !important; line-height: 50px !important; margin-bottom: 50px !important; font-family: "Titillium Web", Sans-serif; } .elementor-widget-text-editor .elementor-widget-container h2{ font-weight: 700 !important; font-size: 25px !important; line-height: 25px !important; margin-bottom: 25px !important; } .elementor-widget-text-editor .elementor-widget-container h3{ font-weight: 700 !important; font-size: 23px !important; line-height: 24px !important; margin-bottom: 25px !important; } .elementor-widget-text-editor .elementor-widget-container h4{ font-weight: 700; font-size: 20px !important; line-height: 23px !important; margin-bottom: 25px !important; } .elementor-widget-text-editor .elementor-widget-container h5{ font-weight: 700 !important; font-size: 18px !important; line-height: 23px !important; margin-bottom: 25px !important; } .elementor-widget-text-editor .elementor-widget-container h6{ font-weight: 700 !important; font-size: 16px !important; line-height: 23px !important; margin-bottom: 25px !important; } .guides-template-default.single.single-guides .elementor-widget-container h1{ font-weight: 700 !important; font-size: 64px !important; line-height: 64px !important; margin-bottom: 100px !important; font-family: "Titillium Web", Sans-serif; } .guides-template-default.single.single-guides .elementor-widget-container h2{ font-weight: 700 !important; font-size: 50px !important; line-height: 1 !important; margin-top: 50px !important; margin-bottom: 15px !important; font-family: "Titillium Web", Sans-serif; } .guides-template-default.single.single-guides .archive .elementor-widget-container h2{ margin-bottom: 25px !important; } .guides-template-default.single.single-guides .elementor-widget-container h3{ font-weight: 600 !important; font-size: 25px !important; line-height: 25px !important; margin-top: 30px !important; margin-bottom: 10px !important; } .guides-template-default.single.single-guides .elementor-widget-container h4{ font-weight: 500; font-size: 20px; line-height: 24px; margin-top: 25px; } .guides-template-default.single.single-guides .elementor-widget-container h5{ font-weight: 500 !important; font-size: 18px !important; line-height: 23px !important; margin-top: 20px !important; } .guides-template-default.single.single-guides .elementor-widget-container h6{ font-weight: 500 !important; font-size: 16px !important; line-height: 23px !important; margin-top: 15px !important; } .header-b .top-nav-wrapper .nav-bar.ua-lg .u-attack { background-color: #028673; } /*custom css*/ /*hero nav in double line when screen is small*/ .hero-nav__list{ flex-wrap: nowrap } .sucuri-widget-sub-nav.fixed{ top:90px !important; } .responsive-table{ overflow-x: auto; } .table_breakdown{ width: unset; min-width: 1080px; } .home .hero-nav{ top: 90px !important; } .sucuri-widget-table-content .linkContainer{ height: auto !important; } /* .guides-template-default.single.single-guides h1{ font-family: "Titillium Web" !important; font-size: 64px !important; font-weight: 700; margin-bottom: 100px !important; } .guides-template-default.single.single-guides h2{ font-family: "Titillium Web" !important; font-weight: 700 !important; font-size: 25px !important; line-height: 25px !important; margin-bottom: 25px !important; } .guides-template-default.single.single-guides h3{ font-family: "Open Sans" !important; font-weight: 700 !important; font-size: 23px !important; line-height: 24px !important; margin-bottom: 25px !important; } .guides-template-default.single.single-guides h4{ font-family: "Open Sans" !important; font-size: 22px !important; font-weight: 700 !important; margin-bottom: 30px !important; } .guides-template-default.single.single-guides h5{ font-family: "Open Sans" !important; font-size: 21px !important; font-weight: 700 !important; margin-bottom: 20px !important; } .guides-template-default.single.single-guides h6{ font-family: "Open Sans" !important; font-size: 18px !important; font-weight: 400 !important; margin-bottom: 20px !important; } */ .hero-nav__list { padding-left: 10px; } @media (min-width: 1200px){ .v2-subnav { height: auto; } } .v2-subnav { height: auto !important; } .sucuri-widget-sub-nav.fixed{ z-index: 1 !important; } .sucuri-widget-sub-nav ul li a{ font-size: 12px; } .sucuri-widget-card-plans .card-plans-container .card-plans-list #card-plans-list-single.background-important .card-plans-single .absolute-footer .card-sub-button p a{ color: #fff; } .sucuri-widget-brands-banner .sucuri-widget-brands-banner-internal .imgContainer.fiveRow{ padding-left:20px; padding-right:20px; } .sucuri-widget-faq-content h2{ font-weight: 700 !important; } /* chat bubble colors */ .chat-widget-wrapper .phone-banner { background-color: #26ba9e; } .chat-widget-wrapper .chat-widget-container { background-color: #028673; } .chat-widget-wrapper .chat-widget-container .chat-widget-avatar { background-color: #26ba9e; border: 4px solid #26ba9e; } /* footer custom css */ @media (min-width: 1400px) { footer .container { max-width: 1140px; padding: 0; } } .footer-b hr { width: 97%; display: block; margin: 0 auto; margin-top: 3rem; margin-bottom: 1rem; } /* custom css for hero nav menu list */ @media(min-width: 992px){ .header-b .top-nav-wrapper .nav-bar.pro-sol{ margin-left: 3rem; } } @media(min-width: 1400px){ .hero-nav__list{ max-width: 1300px; } .sucuri-widget-sub-nav ul{ max-width: 1300px; } } @media(min-width: 1920px){ .hero-nav__list{ max-width: 1140px; } .sucuri-widget-sub-nav ul{ max-width: 1300px !important; } } .v2-subnav .hero-nav__item a{ padding-left: 5px; padding-right: 10px; font-size: 10px; font-weight: 400; } .sucuri-widget-sub-nav ul li a{ font-weight: 400; font-size: 10px !important; padding-right:30px; } @media(min-width: 992px){ .v2-subnav .hero-nav__item a{ padding-left: 20px; } } @media(min-width: 1440px){ .v2-subnav .hero-nav__item a{ padding-left: 20px; padding-right: 20px; font-size: 12px; } .sucuri-widget-sub-nav ul li a{ font-size: 12px !important; } } @media(min-width: 1920px){ .v2-subnav .hero-nav__item a{ padding-left: 0px; } .sucuri-widget-sub-nav ul li a{ padding-left: 0 !important; } } /* custom css for nav content */ .elementor-widget.elementor-widget-text-editor a{ text-decoration: none !important; } .elementor-widget.elementor-widget-text-editor h4{ font-weight: 700; } .sucuri-widget-nav-content ul li a{ padding: 20px 12px !important; font-size: 14px; } /* cards */ .archive.post-type-archive .elementor-post__card .elementor-post__title{ font-size: 20px !important; } .archive.post-type-archive .elementor-post__card .elementor-post__title{ margin-top: 0px !important; } .archive.post-type-archive .elementor-post__card .elementor-post__title a{ font-size: 20px !important; line-height: 1.4 !important; } /* FAQ CONTENT */ .sucuri-widget-faq-content .faq-content-single p span{ display:block; padding-left:20px; } .sucuri-widget-faq-content .faq-content-single p span:first-child{ padding-top:10px } .sucuri-widget-faq-content .faq-content-single > ul > li input[type=checkbox]{ height: auto !important; } .sucuri-widget-faq-content .faq-content-single h4{ font-size: 18px !important; margin-top: 0px !important; margin-bottom: 0px !important; font-weight: 700 !important; } pre code{ padding: 0px; } article.post{ box-shadow: 0 0 10px 0 rgba(0,0,0,.15); border-radius: 8px; overflow: hidden; } article.post .post-content{ padding: 20px; } article.post .post-content .post-title{ color: #028673; font-family: "Titillium Web", Sans-serif; font-size: 20px; font-weight: 700; } .container-grid-layout{ display: flex; grid-template-columns: repeat(3, 1fr); grid-template-rows: repeat(auto-fit, minmax(200px, 1fr)); grid-auto-rows: 200px; grid-auto-flow: row dense; grid-gap: 14px; /* padding: 10px; */ box-sizing: border-box; padding-right: 15px; grid-template-rows: 160px 170px 0px; flex-direction: column; } .container-grid-layout .frame-1x1{ grid-column: span 1; grid-row: span 1; } .container-grid-layout .frame-1x2{ grid-column: span 1; grid-row: span 2; } .container-grid-layout .frame-2x1 { grid-column: span 2; grid-row: span 2; } @media(min-width: 768px){ .container-grid-layout{ display: grid; grid-template-columns: repeat(3, 1fr); grid-template-rows: repeat(auto-fit, minmax(200px, 1fr)); grid-auto-rows:200px; grid-auto-flow:row dense; grid-gap: 14px; /* padding: 10px; */ box-sizing:border-box; padding-right: 15px; grid-template-rows: 107px 113px 0px; flex-direction: column; } } @media(min-width: 992px){ .container-grid-layout{ grid-template-rows: 145px 145px 0px; } } @media(min-width: 1440px){ .container-grid-layout{ grid-template-rows: 160px 170px 0px; } } .container-grid-third{ display: flex; grid-template-columns: 1fr; place-items: start; padding: 0px; padding-right: 10px; grid-template-columns: 1fr 1fr 1fr; grid-gap: 8px; margin-bottom: 10px; flex-direction: column; flex-wrap: nowrap; align-content: center; } .container-grid-third .post{ width: calc(100% - 5px); position: relative; height: 0; width: calc(100% - 5px); position: relative; background-repeat: no-repeat; background-position: 50% 50%; background-size: cover; display: flex; flex-direction: column; justify-content: space-between; } .container-grid-third .frame-1x1{ padding-bottom: calc(48% - 5px); grid-row: span 2 / auto; } .container-grid-third .frame-1x2{ padding-bottom: calc(130% - 5px); grid-row: span 3 / auto; } @media(min-width: 768px){ .container-grid-third{ display: grid; grid-template-columns: 1fr; place-items: start; padding: 0px; padding-right: 10px; grid-template-columns: 1fr 1fr 1fr; grid-gap: 8px; margin-bottom: 10px; } .container-grid-third .frame-1x1{ padding-bottom: calc(48% - 5px); } .container-grid-third .frame-1x2{ padding-bottom: calc(250% - 5px); } } @media(min-width: 992px){ .container-grid-third .frame-1x2{ padding-bottom: calc(165% - 5px); } } @media(min-width: 1440px){ .container-grid-third .frame-1x2{ padding-bottom: calc(135% - 5px); } } .shortcodes-custom-container .box{ display: none; } .container-ad{ box-shadow: 0 0 10px 0 rgba(0,0,0,.15); border-radius: 8px; grid-column: span 1; grid-row: span 2; display: flex; flex-direction: column; flex-wrap: nowrap; align-items: center; justify-content: center; background-image: url('https://sucuri.net/wp-content/uploads/2023/07/23-sucuri-content-hub-we-are-here-to-help-bg.png'); background-position: center; background-repeat: no-repeat; background-size: cover; } .container-ad p{ margin-bottom: 0px !important; } .container-ad h2{ margin-top: 0px !important; font-family: "Titillium Web"; font-size: 50px; line-height: 1.2; } .container-ad h2, .container-ad p, .container-ad .link{ text-align: center; color: white; font-weight: 700; } .container-ad .btn{ background: #028673; color: white; margin: 0px 0 20px 0; } .elementor-widget-text-editor strong span { text-decoration: none !important; } select#post-filter-select { padding: 5px 10px; border: 1px solid #F0F1F2; box-shadow: 0 0 10px 0 rgba(0,0,0,.15); min-width: 180px; margin-right: 40px; border-radius: 7px; border-right: 10px solid transparent; } .custom-post-filter a{ background-color: #4F6CB5; color: white; padding: 7.5px 25px; border-radius: 7px; font-size: 16px; font-weight: 500; } .container-grid-third.second-option .frame-1x1{ padding-bottom: calc(82% - 5px); } /* faq section */ .sucuri-widget-faq-content .faq-content-single h4{ margin-top: 0px !important; } .sucuri-widget-faq-content-advanced .faq-content-single h4{ margin-top: 0px !important; } .sucuri-widget-faq-content-advanced .faq-content-single > ul > li input[type=checkbox]:checked ~ h4{ margin-top: 0px !important; } .sucuri-widget-faq-content h2{ margin-bottom: 50px !important; } .sucuri-widget-faq-content-advanced h4{ font-size: 25px; } /* table sign up */ .sucuri-widget-new-card-plans .sucuri-widget-platform-static-cards-widget .dropdown-content-table ul li:nth-child(2n+1) table tbody tr td svg{ max-width: 20px; } svg.e-font-icon-svg.e-fas-check-circle{ fill: #028673; } svg.e-font-icon-svg.e-fas-circle { fill: #f2f5f5; } .sucuri-widget-new-card-plans .sucuri-widget-platform-static-cards-widget .dropdown-content-table .table_breakdown tbody tr td:not(:first-child) svg{ max-width: 20px } .sucuri-widget-platform-static .dropdown-content-table .table_breakdown tbody tr td:not(:first-child) svg{ max-width: 20px } .sucuri-widget-platform-dropdown .platform-dropdown-single .dropdown-content-table .table_breakdown tbody tr td:not(:first-child) svg{ max-width: 20px } /* end table sign up */ .sucuri-widget-sub-nav.fixed{ z-index: 98 !important; } .sucuri-widget-hero-revamp-section.parent .wrapper .div2 img{ max-width: 480px; } .sucuri-widget-hero-revamp-section.parent .wrapper .div2{ margin: 0 auto; } @media(min-width: 1440px){ .sucuri-table-plans-security-three-revamp .sucuri-widget-platform-static-cards-widget .dropdown-content-table .shadow { position: absolute; top: 7px; width: 1044px; right: 20px; } } @keyframes marquee { 0% { transform: translateX(0); } 100% { transform: translateX(-50%); } } .marquee { overflow: hidden; background-color: #00BB9F; height: 31px; display: flex; align-items: center; position: relative; } .marquee-content { display: flex; width: max-content; animation: marquee 50s linear infinite; } .marquee-content div { white-space: nowrap; display: flex; align-items: center; margin-right: 20px; /* Extra Styling */ font-size: 17px; font-family: 'Titilium Web', Helvetica, Arial, sans-serif; font-weight: 500; color: #02141B; } .marquee-content div span { font-weight: 700; margin:0 4px; } </style> </head> <body class="guides-template-default single single-guides postid-9115 single-format-standard wp-custom-logo elementor-default elementor-kit-8778 elementor-page elementor-page-9115"> <script type="text/javascript">(function(a,b,c,d){a='//tags.tiqcdn.com/utag/gpl/sucuri/prod/utag.js';b=document;c='script';d=b.createElement(c);d.src=a;d.type='text/java'+c;d.async=true;a=b.getElementsByTagName(c)[0];a.parentNode.insertBefore(d,a)})();</script> <div data-elementor-type="header" data-elementor-id="10522" class="elementor elementor-10522 elementor-location-header" data-elementor-post-type="elementor_library"> <section class="elementor-section elementor-top-section elementor-element elementor-element-e6284d1 elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="e6284d1" data-element_type="section" data-settings="{"sticky":"top","sticky_on":["desktop","tablet_extra","tablet","mobile"],"sticky_offset":0,"sticky_effects_offset":0,"sticky_anchor_link_offset":0}"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-49d7753" data-id="49d7753" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-d46c653 elementor-widget elementor-widget-html" data-id="d46c653" data-element_type="widget" data-widget_type="html.default"> <div class="elementor-widget-container"> <a href="https://sucuri.net/live-chat/"> <div class="marquee"> <div class="marquee-content"> <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div> <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div>  <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div> <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div> <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div> <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div> </div> </div> </a> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-5dd7eb5 elementor-section-height-min-height elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-items-middle" data-id="5dd7eb5" data-element_type="section" id="header-container" data-settings="{"background_background":"classic","sticky":"top","sticky_on":["desktop","tablet_extra","tablet","mobile"],"sticky_offset":0,"sticky_effects_offset":0,"sticky_anchor_link_offset":0}"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-ff5a8e8" data-id="ff5a8e8" data-element_type="column" id="menu-column-one"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-b873b2a elementor-widget elementor-widget-theme-site-logo elementor-widget-image" data-id="b873b2a" data-element_type="widget" data-widget_type="theme-site-logo.default"> <div class="elementor-widget-container"> <a href="https://sucuri.net"> <img src="https://sucuri.net/wp-content/uploads/elementor/thumbs/Sucuri-Logo-qio221wlg9vvaaewra0jqjt8rf04jyn1vtdestgfmi.png" title="Sucuri Logo" alt="Sucuri" loading="lazy" /> </a> </div> </div> </div> </div> <div class="elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-42d43ff" data-id="42d43ff" data-element_type="column" id="menu-column-two"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-c6a03bd elementor-nav-menu__align-start elementor-nav-menu__text-align-center elementor-nav-menu--stretch elementor-widget-tablet__width-initial elementor-nav-menu--dropdown-tablet_extra elementor-nav-menu--toggle elementor-nav-menu--burger elementor-widget elementor-widget-nav-menu" data-id="c6a03bd" data-element_type="widget" id="header-main-menu" data-settings="{"submenu_icon":{"value":"<svg class=\"fa-svg-chevron-down e-font-icon-svg e-fas-chevron-down\" viewBox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M207.029 381.476L12.686 187.132c-9.373-9.373-9.373-24.569 0-33.941l22.667-22.667c9.357-9.357 24.522-9.375 33.901-.04L224 284.505l154.745-154.021c9.379-9.335 24.544-9.317 33.901.04l22.667 22.667c9.373 9.373 9.373 24.569 0 33.941L240.971 381.476c-9.373 9.372-24.569 9.372-33.942 0z\"><\/path><\/svg>","library":"fa-solid"},"full_width":"stretch","layout":"horizontal","toggle":"burger"}" data-widget_type="nav-menu.default"> <div class="elementor-widget-container"> <nav aria-label="Menu" class="elementor-nav-menu--main elementor-nav-menu__container elementor-nav-menu--layout-horizontal e--pointer-none"> <ul id="menu-1-c6a03bd" class="elementor-nav-menu"><li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10468"><a href="https://sucuri.net/website-security/" class="elementor-item">Products</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10591"><a href="https://sucuri.net/website-security-platform/" class="elementor-sub-item">Website Security Platform</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10473"><a href="https://sucuri.net/website-firewall/" class="elementor-sub-item">Website Firewall</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10474"><a href="https://sucuri.net/custom/agency/" class="elementor-sub-item">Agency Plans</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10589"><a href="https://sucuri.net/custom/enterprise/" class="elementor-sub-item">Custom & Enterprise Plans</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10590"><a href="https://sucuri.net/partners/" class="elementor-sub-item">Partnerships</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10764"><a href="https://sucuri.net/developers/" class="elementor-sub-item">Junior Dev</a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10530"><a href="#" class="elementor-item elementor-item-anchor">Features</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10592"><a href="https://sucuri.net/malware-detection-scanning/" class="elementor-sub-item">Detection<small>Website Monitoring & Alerts</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10593"><a href="https://sucuri.net/intrusion-detection-system/" class="elementor-sub-item">Protection<small>Future Website Hacks</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10594"><a href="https://sucuri.net/website-performance/" class="elementor-sub-item">Performance<small>Speed Up Your Website</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10595"><a href="https://sucuri.net/website-malware-removal/" class="elementor-sub-item">Response<small>Help For Hacked Websites</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10596"><a href="https://sucuri.net/website-backups/" class="elementor-sub-item">Backups<small>Disaster Recovery Plan</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10597"><a href="https://sucuri.net/ecommerce-website-security/" class="elementor-sub-item">Ecommerce<small>Security For Online Stores</small></a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10531"><a href="#" class="elementor-item elementor-item-anchor">Resources</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10598"><a href="https://sucuri.net/guides/" class="elementor-sub-item">Guides</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10599"><a href="https://sucuri.net/webinars/" class="elementor-sub-item">Webinars</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10600"><a href="https://sucuri.net/infographics/" class="elementor-sub-item">Infographics</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10601"><a href="https://blog.sucuri.net/" class="elementor-sub-item">Blog</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10602"><a href="https://sitecheck.sucuri.net/" class="elementor-sub-item">SiteCheck</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10603"><a href="https://sucuri.net/reports/" class="elementor-sub-item">Reports</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10604"><a href="https://sucuri.net/email-courses/" class="elementor-sub-item">Email Courses</a></li> <li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-11216"><a href="https://sucuri.net/ebooks/" class="elementor-sub-item">Ebooks</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10605"><a href="https://sucuri.net/technical-hub/" class="elementor-sub-item">Technical Hub</a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10532"><a href="https://sucuri.net/website-security-platform/signup/" class="elementor-item">Pricing</a></li> </ul> </nav> <div class="elementor-menu-toggle" role="button" tabindex="0" aria-label="Menu Toggle" aria-expanded="false"> <svg aria-hidden="true" role="presentation" class="elementor-menu-toggle__icon--open e-font-icon-svg e-eicon-menu-bar" viewBox="0 0 1000 1000" xmlns="http://www.w3.org/2000/svg"><path d="M104 333H896C929 333 958 304 958 271S929 208 896 208H104C71 208 42 237 42 271S71 333 104 333ZM104 583H896C929 583 958 554 958 521S929 458 896 458H104C71 458 42 487 42 521S71 583 104 583ZM104 833H896C929 833 958 804 958 771S929 708 896 708H104C71 708 42 737 42 771S71 833 104 833Z"></path></svg><svg aria-hidden="true" role="presentation" class="elementor-menu-toggle__icon--close e-font-icon-svg e-eicon-close" viewBox="0 0 1000 1000" xmlns="http://www.w3.org/2000/svg"><path d="M742 167L500 408 258 167C246 154 233 150 217 150 196 150 179 158 167 167 154 179 150 196 150 212 150 229 154 242 171 254L408 500 167 742C138 771 138 800 167 829 196 858 225 858 254 829L496 587 738 829C750 842 767 846 783 846 800 846 817 842 829 829 842 817 846 804 846 783 846 767 842 750 829 737L588 500 833 258C863 229 863 200 833 171 804 137 775 137 742 167Z"></path></svg> <span class="elementor-screen-only">Menu</span> </div> <nav class="elementor-nav-menu--dropdown elementor-nav-menu__container" aria-hidden="true"> <ul id="menu-2-c6a03bd" class="elementor-nav-menu"><li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10468"><a href="https://sucuri.net/website-security/" class="elementor-item" tabindex="-1">Products</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10591"><a href="https://sucuri.net/website-security-platform/" class="elementor-sub-item" tabindex="-1">Website Security Platform</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10473"><a href="https://sucuri.net/website-firewall/" class="elementor-sub-item" tabindex="-1">Website Firewall</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10474"><a href="https://sucuri.net/custom/agency/" class="elementor-sub-item" tabindex="-1">Agency Plans</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10589"><a href="https://sucuri.net/custom/enterprise/" class="elementor-sub-item" tabindex="-1">Custom & Enterprise Plans</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10590"><a href="https://sucuri.net/partners/" class="elementor-sub-item" tabindex="-1">Partnerships</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10764"><a href="https://sucuri.net/developers/" class="elementor-sub-item" tabindex="-1">Junior Dev</a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10530"><a href="#" class="elementor-item elementor-item-anchor" tabindex="-1">Features</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10592"><a href="https://sucuri.net/malware-detection-scanning/" class="elementor-sub-item" tabindex="-1">Detection<small>Website Monitoring & Alerts</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10593"><a href="https://sucuri.net/intrusion-detection-system/" class="elementor-sub-item" tabindex="-1">Protection<small>Future Website Hacks</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10594"><a href="https://sucuri.net/website-performance/" class="elementor-sub-item" tabindex="-1">Performance<small>Speed Up Your Website</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10595"><a href="https://sucuri.net/website-malware-removal/" class="elementor-sub-item" tabindex="-1">Response<small>Help For Hacked Websites</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10596"><a href="https://sucuri.net/website-backups/" class="elementor-sub-item" tabindex="-1">Backups<small>Disaster Recovery Plan</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10597"><a href="https://sucuri.net/ecommerce-website-security/" class="elementor-sub-item" tabindex="-1">Ecommerce<small>Security For Online Stores</small></a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10531"><a href="#" class="elementor-item elementor-item-anchor" tabindex="-1">Resources</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10598"><a href="https://sucuri.net/guides/" class="elementor-sub-item" tabindex="-1">Guides</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10599"><a href="https://sucuri.net/webinars/" class="elementor-sub-item" tabindex="-1">Webinars</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10600"><a href="https://sucuri.net/infographics/" class="elementor-sub-item" tabindex="-1">Infographics</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10601"><a href="https://blog.sucuri.net/" class="elementor-sub-item" tabindex="-1">Blog</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10602"><a href="https://sitecheck.sucuri.net/" class="elementor-sub-item" tabindex="-1">SiteCheck</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10603"><a href="https://sucuri.net/reports/" class="elementor-sub-item" tabindex="-1">Reports</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10604"><a href="https://sucuri.net/email-courses/" class="elementor-sub-item" tabindex="-1">Email Courses</a></li> <li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-11216"><a href="https://sucuri.net/ebooks/" class="elementor-sub-item" tabindex="-1">Ebooks</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10605"><a href="https://sucuri.net/technical-hub/" class="elementor-sub-item" tabindex="-1">Technical Hub</a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10532"><a href="https://sucuri.net/website-security-platform/signup/" class="elementor-item" tabindex="-1">Pricing</a></li> </ul> </nav> </div> </div> </div> </div> <div class="elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-75d4b41 elementor-hidden-mobile" data-id="75d4b41" data-element_type="column" id="menu-column-three"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-aa77472 elementor-widget__width-initial elementor-widget-tablet__width-initial elementor-widget elementor-widget-html" data-id="aa77472" data-element_type="widget" data-widget_type="html.default"> <div class="elementor-widget-container"> <div class="float-right-next"> <div class="nav-bar ua-lg"> <ul class="nav"> <li> <a href="/website-security-platform/help-now/" class="mp-under-attack-button u-attack auto-track" data-gatrack="Button_Click, Top_Nav_Under_Attack">Immediate Help</a> </li> </ul> </div> <div class="nav-bar plt"> <div class="login"> <a href="https://dashboard.sucuri.net/login/" class="login mp-login-btn auto-track" data-gatrack="Button_Click, Top_Nav_Login">Login</a> <svg width="32" height="32" viewBox="0 0 32 32" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M16 17.667C18.7614 17.667 21 15.4284 21 12.667C21 9.90557 18.7614 7.66699 16 7.66699C13.2386 7.66699 11 9.90557 11 12.667C11 15.4284 13.2386 17.667 16 17.667Z" stroke="white" stroke-opacity="0.88" stroke-linecap="round" stroke-linejoin="round"/> <path d="M24.3333 24.3332C24.3333 20.6498 20.6016 17.6665 16 17.6665C11.3983 17.6665 7.66663 20.6498 7.66663 24.3332" stroke="white" stroke-opacity="0.88" stroke-linecap="round" stroke-linejoin="round"/> <path d="M26 1H6C3.23858 1 1 3.23858 1 6V26C1 28.7614 3.23858 31 6 31H26C28.7614 31 31 28.7614 31 26V6C31 3.23858 28.7614 1 26 1Z" stroke="#38B299" stroke-opacity="0.88" stroke-linecap="round" stroke-linejoin="round"/> </svg> <div class="login-drop-down inner-nav-bar"> <i class="pointer"></i> <div class="login-container"> <a href="https://dashboard.sucuri.net/login" class="login-btn" data-gatrack="Button_Click, Top_Nav_Login">Login</a> <div class="sign-up"> <p>New Customer? </p> <a href="/website-security-platform/signup/" style="padding: 0px">Sign up now.</a> </div> <ul> <li><a href="https://support.sucuri.net/support/?new" class="login-link">Submit a ticket</a></li> <li><a href="https://docs.sucuri.net/" class="login-link">Knowledge base</a></li> <li><a href="/live-chat/" class="login-link">Chat now</a></li> </ul> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> </div> <div data-elementor-type="wp-post" data-elementor-id="9115" class="elementor elementor-9115" data-elementor-post-type="guides"> <section class="elementor-section elementor-top-section elementor-element elementor-element-39c98b3 elementor-section-stretched elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="39c98b3" data-element_type="section" data-settings="{"background_background":"gradient","stretch_section":"section-stretched"}"> <div class="elementor-background-overlay"></div> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-c807468" data-id="c807468" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-23af49a elementor-widget elementor-widget-html" data-id="23af49a" data-element_type="widget" data-widget_type="html.default"> <div class="elementor-widget-container"> <div class="navigation-wrapper d-none d-md-flex"> <ul class="nav nav-inline breadcrumb-list p-0 c-lg-12"> <li class="nav-item"><a href="/" class="nav-link">Home</a></li> <li class="nav-item"><a href="/guides/" class="nav-link">Guides</a></li> <li class="nav-item active"><a href="" class="nav-link">WordPress Security Guide</a></li> </ul> </div> </div> </div> <div class="elementor-element elementor-element-ba3c9ea elementor-widget__width-initial elementor-widget elementor-widget-heading" data-id="ba3c9ea" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h1 class="elementor-heading-title elementor-size-default">The Definitive WordPress Security Guide</h1> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-623d1c0 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="623d1c0" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-a6be583" data-id="a6be583" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-104193a elementor-widget elementor-widget-text-editor" data-id="104193a" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><em>Last updated on: April 24th, 2024<br /></em></p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-9494606 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="9494606" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-66708c8" data-id="66708c8" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-a8ca78b elementor-widget elementor-widget-heading" data-id="a8ca78b" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Introduction</h2> </div> </div> <div class="elementor-element elementor-element-e5df825 elementor-widget elementor-widget-text-editor" data-id="e5df825" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>WordPress is renowned for its usability and ease of access. It is by far the most popular way to build a website. In fact, recent statistics show that <a href="https://w3techs.com/technologies/details/cm-wordpress">43% of websites use WordPress</a>. This popularity comes at a price, however; insecure WordPress websites can be an easy target for hackers and spammers who are looking to leverage known vulnerabilities to their advantage.</p><p>If you’re putting a lot of time and effort into building your website, then you need to pay close attention to WordPress security best practices.</p><p>Keep in mind: WordPress security is about risk reduction, not risk elimination. Because there will always be risk, securing your WordPress site will remain a continuous process, requiring frequent assessment of attack vectors and threats.</p><p>In this guide, we’ll dive into the ins and outs of WordPress security and outline the steps you can take to protect your site (and your traffic) from hackers and malware.</p> </div> </div> <div class="elementor-element elementor-element-7025847 elementor-align-center auto-track elementor-widget elementor-widget-button" data-id="7025847" data-element_type="widget" data-gatrack="Button_Click, WPSecurity_Guide_Protect_Your_Site" data-widget_type="button.default"> <div class="elementor-widget-container"> <div class="elementor-button-wrapper"> <a class="elementor-button elementor-button-link elementor-size-lg" href="https://sucuri.net/website-security-platform/signup/"> <span class="elementor-button-content-wrapper"> <span class="elementor-button-text">Secure Your WordPress Website</span> </span> </a> </div> </div> </div> </div> </div> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-5ea8d76 elementor-hidden-mobile" data-id="5ea8d76" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-da41603 elementor-widget elementor-widget-heading" data-id="da41603" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <p class="elementor-heading-title elementor-size-default">Content</p> </div> </div> <div class="elementor-element elementor-element-a37fc27 elementor-widget elementor-widget-table_contents" data-id="a37fc27" data-element_type="widget" data-widget_type="table_contents.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-table-content"> <div class="tabs"> <div class="tab"> <input type="checkbox" id="1 - Patch Software Vulnerabilities"> <label class="tab-label" for="1 - Patch Software Vulnerabilities">1 - Patch Software Vulnerabilities</label> <div class="tab-content"> <ul> <li><a href="#audit-wordpress-plugins-themes">1.1 Regularly Audit WordPress Plugins & Themes</a></li> <li><a href="#update-wordpress-core">1.2. Keep WordPress Core Updated</a></li> <li><a href="#update-wordpress-plugins-themes">1.3 Patch WordPress Plugins</a></li> <li><a href="#update-wordpress-plugins-themes">1.4 Patch WordPress Themes</a></li> </ul> </div> </div> </div> </div> </div> </div> <div class="elementor-element elementor-element-925688e elementor-widget elementor-widget-table_contents" data-id="925688e" data-element_type="widget" data-widget_type="table_contents.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-table-content"> <div class="tabs"> <div class="tab"> <input type="checkbox" id="2 - Limit Access To Your WordPress Site"> <label class="tab-label" for="2 - Limit Access To Your WordPress Site">2 - Limit Access To Your WordPress Site</label> <div class="tab-content"> <ul> <li><a href="#manage-user-accounts">2.1 Manage User Accounts</a></li> <li><a href="#use-strong-passwords">2.2 Use Strong Passwords</a></li> <li><a href="#limit-login-attempts">2.3 Limit WordPress Login Attempts</a></li> <li><a href="#use-captchas">2.4 Use Pre-Login CAPTCHAs</a></li> <li><a href="#restrict-access-urls">2.5 Restrict Access to Authenticated URLs</a></li> </ul> </div> </div> </div> </div> </div> </div> <div class="elementor-element elementor-element-91705f4 elementor-widget elementor-widget-table_contents" data-id="91705f4" data-element_type="widget" data-widget_type="table_contents.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-table-content"> <div class="tabs"> <div class="tab"> <input type="checkbox" id="3 - WordPress Monitoring & Detection"> <label class="tab-label" for="3 - WordPress Monitoring & Detection">3 - WordPress Monitoring & Detection</label> <div class="tab-content"> <ul> <li><a href="#security-plugins">3.1 WordPress Security Plugins</a></li> <li><a href="#hosting-security">3.2 Website Hosting Security</a></li> <li><a href="#backup-wordpress">3.3 Backup Your WordPress</a></li> <li><a href="#intrusion-detection-tools">3.4 Intrusion Detection Tools</a></li> </ul> </div> </div> </div> </div> </div> </div> <div class="elementor-element elementor-element-b005816 elementor-widget elementor-widget-table_contents" data-id="b005816" data-element_type="widget" data-widget_type="table_contents.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-table-content"> <div class="tabs"> <div class="tab"> <input type="checkbox" id="4 - Harden Your WordPress Site"> <label class="tab-label" for="4 - Harden Your WordPress Site">4 - Harden Your WordPress Site</label> <div class="tab-content"> <ul> <li><a href="#secure-htaccess">4.1 Secure .htaccess Configurations</a></li> <li><a href="#wordpress-security-application-configurations">4.2 WordPress Security Application Configurations</a></li> </ul> </div> </div> </div> </div> </div> </div> <div class="elementor-element elementor-element-67bd088 elementor-widget elementor-widget-table_contents_link" data-id="67bd088" data-element_type="widget" data-widget_type="table_contents_link.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-table-content"> <div class="linkContainer"> <a class="tabContentLink" href="#protect-wordpress-with-a-firewall">5 - Protect WordPress With a Firewall</a> </div> </div> </div> </div> <div class="elementor-element elementor-element-250ed9e elementor-widget elementor-widget-table_contents_link" data-id="250ed9e" data-element_type="widget" data-widget_type="table_contents_link.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-table-content"> <div class="linkContainer"> <a class="tabContentLink" href="#implement-ssl-https">6 - Implement SSL & HTTPS</a> </div> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-4a2473e elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4a2473e" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-83a74e2" data-id="83a74e2" data-element_type="column" data-settings="{"background_background":"classic"}"> <div class="elementor-widget-wrap elementor-element-populated"> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-3544fd5 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="3544fd5" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-861dc79" data-id="861dc79" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-f5dc288 elementor-widget elementor-widget-text-editor" data-id="f5dc288" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <h2>Is WordPress Secure?</h2><p>WordPress is reliable and safe to use. The CMS provides regular patches and updates to fix known security problems. But the core platform itself represents only a tiny fraction of security vulnerabilities. Unfortunately, WordPress’ extensibility and massive plugin and theme library is the culprit for the majority of security issues facing WordPress sites.</p><p>But the <a href="https://blog.sucuri.net/2023/01/is-wordpress-secure.html" target="_blank" rel="noopener">question of whether WordPress is secure or not</a> depends entirely on you, the website owner. How many plugins, themes, and other extensible components you choose to install and how often you patch and maintain your site’s software will dictate how secure it really is.</p><p>According to PatchStack’s State of WordPress Security study, there was a 150% increase in the number of vulnerabilities facing WordPress websites in 2021, with a whopping total of 29% which were never patched at all.</p><p>But this doesn’t mean that you need to avoid using WordPress entirely in order to maintain a secure website.</p><p>Website security is all about <a href="https://wordpress.org/support/article/hardening-wordpress/" target="_blank" rel="noopener">risk reduction, not risk elimination</a>. And thankfully, WordPress security can be simple if you take the right steps.</p><h2>Why is WordPress Security Important?</h2><p>Protecting your WordPress site against phishing, malware, and DDoS is vital to protecting your visitors – and keeping it online in the first place.</p><h3>1. Insecure WordPress sites can lead to malware</h3><p>If you don’t pay attention to the security of your WordPress site, you may find that attackers are able to infect your website, exploit system resources, steal sensitive information, or even take your site offline. You may even end up distributing ransomware or other nasty malware to unsuspecting site visitors. Ultimately, a hacked website can affect your website’s reputation, incur financial losses, and affect your search rankings.</p><h3>2. Website customers expect (and deserve) to be protected</h3><p>Just like how a physical store needs to be protected from thieves, your online website also needs to be shielded from bad actors.</p><p>Site visitors and customers expect to be safeguarded from attacks. And if you run an ecommerce website, security becomes even more important to ensure that you maintain <a href="https://sucuri.net/guides/pci-compliance-requirements-checklist/" target="_blank" rel="noopener">PCI DSS Compliance</a>. Ecommerce websites who aren’t compliant with these standards could risk hefty fines or even lose the ability to accept credit card payments.</p><h3>3. WordPress security is really important for SEO</h3><p>Search engines like Google like secure websites. And your website’s search visibility is directly affected by its security.</p><p>In fact, search engines like Google even use <a href="https://sucuri.net/guides/how-to-install-ssl-certificate/" target="_blank" rel="noopener">HTTPS encryption</a> as one of their many ranking factors. Furthermore, if your site is detected to be distributing malware, phishing, or spam, they’ll downgrade your search rankings pretty quickly in an effort to protect search traffic.</p><p>So, if you want a high-ranking website, you will want to pay close attention to your sites’ security and take steps to protect it from attack.</p> </div> </div> <div class="elementor-element elementor-element-1b02c4d elementor-widget elementor-widget-text-editor" data-id="1b02c4d" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <h1>How to Secure a WordPress Site</h1><p> </p> </div> </div> <div class="elementor-element elementor-element-603c22b elementor-widget elementor-widget-text-editor" data-id="603c22b" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>This WordPress security guide is an introduction into how to protect visitors, tackle the threat of malware infection, and build a more secure WordPress site. To educate WordPress administrators on basic security techniques, we’ve outlined a number of actionable steps you can take to protect your website.</p><p>Let’s dive into the top steps you can take to protect and secure your WordPress site.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-24b0d52 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="24b0d52" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-041ad57" data-id="041ad57" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <section class="elementor-section elementor-inner-section elementor-element elementor-element-565d66e elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="565d66e" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-e680c76" data-id="e680c76" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-2fef7c4 elementor-widget elementor-widget-menu-anchor" data-id="2fef7c4" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="Step-1"></div> </div> </div> <div class="elementor-element elementor-element-d8a6fed elementor-widget elementor-widget-heading" data-id="d8a6fed" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">1</h2> </div> </div> </div> </div> </div> </section> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-c1ebead elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="c1ebead" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-9b31265" data-id="9b31265" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <section class="elementor-section elementor-inner-section elementor-element elementor-element-4f3e622 elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="4f3e622" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-1bfceb9" data-id="1bfceb9" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-7ef7cc5 elementor-widget elementor-widget-heading" data-id="7ef7cc5" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Patch WordPress Software Vulnerabilities</h2> </div> </div> <div class="elementor-element elementor-element-0589d2c elementor-widget elementor-widget-text-editor" data-id="0589d2c" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <h3>Keep WordPress, Themes & Plugins Updated</h3><p>The WordPress security team works diligently to provide important security updates and vulnerability patches. However, the use of third-party plugins and themes and other website software exposes users to additional security threats.</p><p>By regularly installing the latest versions of core WordPress files and extensions, you can ensure that your website possesses all of the prevailing security patches and your WordPress site is more secure.</p> </div> </div> </div> </div> </div> </section> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-a53a0e1 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="a53a0e1" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-568600b" data-id="568600b" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-ea092e3 elementor-widget elementor-widget-menu-anchor" data-id="ea092e3" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="audit-wordpress-plugins-themes"></div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-e68f12b elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="e68f12b" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-5c689f0" data-id="5c689f0" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-52a1580 elementor-widget elementor-widget-heading" data-id="52a1580" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">1.1 Regularly Audit WordPress Plugins & Themes</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-762a1da elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="762a1da" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3b61a4a" data-id="3b61a4a" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-67a32b5 elementor-widget elementor-widget-text-editor" data-id="67a32b5" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>Plugins and themes can become deprecated, obsolete, or include bugs that pose serious security risks to your WordPress website.</p><p>To secure your WordPress installation and improve security, we recommend that you audit your plugins and themes on a regular basis.</p><h4>Assess Your Plugin Security</h4><p>You can assess the security of WordPress plugins and themes by reviewing a couple of important indicators:</p><ul><li><b>Does the plugin or theme have a large install base?</b>: Check the number of installs before adding a new plugin to your WordPress site.</li><li><b>Are there a lot of user reviews, and is the average rating high?</b>: Check WordPress plugin reviews and ratings before adding a new plugin.</li><li><b>Are the developers actively supporting their plugin and pushing frequent updates or security patches?</b>: If a plugin has not been updated in a long time it can have vulnerabilities used by malicious users to compromise WordPress websites.</li><li><b>Does the vendor list terms of service or a privacy policy?</b>: It is important to check if the plugin has a privacy policy or TOS.</li><li><b>Does the vendor include a physical contact address in the ToS or from a contact page?</b>: Having a physical contact address adds credibility to a WordPress plugin.</li></ul><p>Carefully read the Terms of Service – it may include unwanted extras that the authors didn’t advertise on their homepage. If the plugin or theme doesn’t meet any of these requirements or has recently changed owners before the latest update, you may want to look for a more secure solution for your WordPress site.</p><h4>Remove Unused WordPress Plugins & Themes</h4><p>When it comes to unused plugins, less is more. Storing unwanted plugins in your WordPress installation increases the chance of a compromise, even if they are disabled and not actively being used in your installation. Removing unused plugins and themes helps improve security and <a href="https://blog.sucuri.net/2019/05/wordpress-hacks-5-ways-to-protect-wordpress-from-hacking.html">protects WordPress from hacking</a>.</p><p>Not using that WordPress plugin? Remove it from your installation.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-636d8d3 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="636d8d3" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-a6c6177" data-id="a6c6177" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-029bb98 elementor-widget elementor-widget-alert_sucuri" data-id="029bb98" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-5"> <div class="alert-sucuri-flex sucuri-box"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle"><p>Note</p></p> </div> <div class="descriptionContent"> <p> </p><p>Sometimes bad actors will purchase a plugin to add malicious or unwanted functionality. Exercise caution when installing plugins that have <a href="https://blog.sucuri.net/2015/07/sweetcaptcha-returns-hijacking-another-plugin.html">recently changed owners</a> before the latest update.</p> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-d62fca4 elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="d62fca4" data-element_type="section" data-settings="{"background_background":"gradient"}"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-9eb0307" data-id="9eb0307" data-element_type="column" data-settings="{"background_background":"classic"}"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-a09231d elementor-widget elementor-widget-heading" data-id="a09231d" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Looking for reliable WordPress security you can depend on?</h2> </div> </div> <div class="elementor-element elementor-element-9e3b314 elementor-widget elementor-widget-text-editor" data-id="9e3b314" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p style="text-align: center;">The Sucuri platform monitors for indicators of compromise, malware, and blocklisting while our robust WAF helps secure your WordPress website.</p> </div> </div> <div class="elementor-element elementor-element-9359415 elementor-align-center elementor-mobile-align-center elementor-widget elementor-widget-button" data-id="9359415" data-element_type="widget" data-gatrack="Button_Click, WPSecurity_Guide_Learn_More" data-widget_type="button.default"> <div class="elementor-widget-container"> <div class="elementor-button-wrapper"> <a class="elementor-button elementor-button-link elementor-size-sm" href="https://sucuri.net/website-security-platform/signup-page/"> <span class="elementor-button-content-wrapper"> <span class="elementor-button-text">Get Protected</span> </span> </a> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-dd736d6 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="dd736d6" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-c4a3ce0" data-id="c4a3ce0" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-04cdabf elementor-widget elementor-widget-menu-anchor" data-id="04cdabf" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="update-wordpress-core"></div> </div> </div> <div class="elementor-element elementor-element-260ed43 elementor-widget elementor-widget-heading" data-id="260ed43" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">1.2 Keep WordPress Core Updated</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-fb2188c elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="fb2188c" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b66253c" data-id="b66253c" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-8dad938 elementor-widget elementor-widget-text-editor" data-id="8dad938" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <h4>How to update WordPress</h4><p>When a new WordPress update is available, you’ll be notified in the <strong>Dashboard > Updates</strong> menu.</p><p>You should always apply updates as soon as possible to keep your WordPress site safe & secure. Logging into your site on a frequent basis will ensure that you’re aware of updates as they are released. If you cannot update your site for any reason, consider using a website firewall to virtually patch the problem and minimize the risk.</p><p><strong>To set up automatic updates in WordPress:</strong></p><ol><li>Log into your server via SFTP or SSH.</li><li>Locate the wp-config.php file, normally located in the document root folder <strong>public_html.</strong></li><li>Add the following snippet to the file: define( ‘WP_AUTO_UPDATE_CORE’, true );</li></ol><p>Advanced users can refer to the <a href="https://codex.wordpress.org/Installing/Updating_WordPress_with_Subversion" target="_blank" rel="noopener">WordPress Codex’s guide on updates using subversion</a>.</p> </div> </div> <div class="elementor-element elementor-element-51309a7 elementor-widget elementor-widget-alert_sucuri" data-id="51309a7" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-5"> <div class="alert-sucuri-flex sucuri-box"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle">Note</p> </div> <div class="descriptionContent"> <p> </p><p>Some updates can break your website, so be sure to verify your site is fully operational after an update is applied.</p> </div> </div> </div> </div> </div> </div> <div class="elementor-element elementor-element-38a80f4 elementor-widget elementor-widget-text-editor" data-id="38a80f4" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><strong>To manually apply updates in WordPress:</strong></p><ol><li>Log into your server via SFTP or SSH.</li><li>Manually remove the wp-admin and wp-includes directories</li><li>Replace the core files from the root directory, /wp-admin/ and /wp-includes/ using copies from the official WordPress repository.</li><li>Log into WordPress as an admin – you may see a prompt to update the database.</li><li>Click on <strong>Update WordPress Database</strong>.</li><li>Once the database has updated, navigate to <strong>Dashboard > Updates</strong>.<br />Apply any missing updates.</li><li>Open your website to verify it is operational.</li></ol> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-f2ae96a elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="f2ae96a" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-99addd3" data-id="99addd3" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-3cfb1ea elementor-widget elementor-widget-alert_sucuri" data-id="3cfb1ea" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-4"> <div class="alert-sucuri-flex red-bg"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle"><p>Caution</p></p> </div> <div class="descriptionContent"> <p> </p><p>Before updating your website to the latest version of WordPress, we recommend taking the following precautionary steps:</p><ol><li>Back up your website, especially any customized content. We recommend having a <a href="https://sucuri.net/website-backups/">daily backup service</a> for your website</li><li>Review the release notes to identify if changes will have any negative impact on your website.</li><li>Test the update on a development site to verify that your themes, plugins, and other extensions are compatible with the latest version.</li></ol> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-12753d9 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="12753d9" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4d87a77" data-id="4d87a77" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-e2f4ed7 elementor-widget elementor-widget-image" data-id="e2f4ed7" data-element_type="widget" data-widget_type="image.default"> <div class="elementor-widget-container"> <img fetchpriority="high" decoding="async" width="520" height="280" src="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Database-Update.png" class="attachment-medium_large size-medium_large wp-image-9122" alt="" srcset="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Database-Update.png 520w, https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Database-Update-300x162.png 300w" sizes="(max-width: 520px) 100vw, 520px" /> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-8ececfb elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="8ececfb" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3899320" data-id="3899320" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-8def84e elementor-widget elementor-widget-menu-anchor" data-id="8def84e" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="update-wordpress-plugins-themes"></div> </div> </div> <div class="elementor-element elementor-element-4a604df elementor-widget elementor-widget-text-editor" data-id="4a604df" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <h3>1.3 Keep WordPress Plugins Updated</h3> <p>WordPress may not be able to update the extension if it has been downloaded from a third-party website. If this is the case, you may need to manually update the plugin using FTP or use an included updater to keep your WordPress secure.</p> <p><strong>To manually apply updates for plugins in WordPress:</strong></p> <ol> <li>Verify compatibility between the plugin and your current WordPress version.</li> <li>Download the latest version of the plugin from an official source and save it on your local machine.</li> <li>Check for special update instructions from the plugin developer or vendor. If none exist, proceed with steps 4-9.</li> <li>Log into your server via SFTP or SSH.</li> <li>Navigate to <strong>/wp-content/plugins/</strong> and download this folder to your computer to serve as a backup.</li> <li>Locate the directory of the plugin you want to update and delete it from FTP.</li> <li>Upload the latest version to the same location.</li> <li>Log into WordPress as an admin and click <strong>Dashboard > Plugins</strong>.</li> <li>Locate the plugin you just updated from the list and click<strong> Activate</strong>.</li> </ol> <h3>1.4 Keep WordPress Themes Updated</h3> <p>Keeping themes updated is another important aspect of WordPress security. If you are not using a child/parent theme for customizations, you’ll need to copy your modifications to a new theme folder, then update it to FTP.</p> <p>To manually update themes in WordPress:</p> <ol> <li>Connect to your website using FTP and go to <strong>/wp-content/themes/</strong>, then download the current theme folder to your computer.</li> <li>Visit the theme’s website to download the latest version of the theme and save it on your local machine – you will now have two copies of the theme folder.</li> <li>Copy any customizations and code changes from your old theme and add them to the new theme files.</li> <li>Upload the newest version of the theme directory, complete with customizations to WordPress using FTP.</li> </ol> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-41e596c elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="41e596c" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-857b255" data-id="857b255" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-c56fa3c elementor-widget elementor-widget-alert_sucuri" data-id="c56fa3c" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-1"> <div class="alert-sucuri-flex blue-bg"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle"><p>Note</p></p> </div> <div class="descriptionContent"> <p> </p><p>If you are using a customized child theme that is inheriting functionality from a parent theme, then updating your theme is fairly straightforward. Simply overwrite your copy of the parent theme with the latest version from the official source. Your customizations will remain intact in the child theme.</p> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-6395479 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="6395479" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3ddc865" data-id="3ddc865" data-element_type="column" data-settings="{"background_background":"classic"}"> <div class="elementor-widget-wrap elementor-element-populated"> <section class="elementor-section elementor-inner-section elementor-element elementor-element-9bbbf98 elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="9bbbf98" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-8b189c5" data-id="8b189c5" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-b36ab14 elementor-widget elementor-widget-menu-anchor" data-id="b36ab14" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="Step-2"></div> </div> </div> <div class="elementor-element elementor-element-81fe497 elementor-widget elementor-widget-heading" data-id="81fe497" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">2</h2> </div> </div> <div class="elementor-element elementor-element-954edb4 elementor-widget elementor-widget-heading" data-id="954edb4" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Limit Access to Your WordPress Site</h2> </div> </div> </div> </div> </div> </section> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-4f023c3 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4f023c3" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-18fe8b0" data-id="18fe8b0" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-711bc24 elementor-widget elementor-widget-text-editor" data-id="711bc24" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>Attackers frequently exploit weak user credentials to obtain access to WordPress websites. Locking down your WP Admin access can prevent hacking and secure your WordPress site. </p><p>By default WordPress does not limit access to the login page of your admin panel which renders it particularly vulnerable to <a href="https://sucuri.net/guides/what-is-brute-force-attack/" target="_blank" rel="noopener">brute force attacks</a>. Restricting access to this page is one of the most effective things you can do to help secure your website and reduce risk.</p><p>Increase security to your WordPress website by utilizing strong, unique passwords restricting the privileges available to users through assigned roles, enabling two-step or multi-factor authentication and limiting user sessions, you can reduce the risk of a website compromise by a bad actor.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-15af35e elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="15af35e" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-0a58105" data-id="0a58105" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-970c988 elementor-widget elementor-widget-menu-anchor" data-id="970c988" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="manage-user-accounts"></div> </div> </div> <div class="elementor-element elementor-element-b0b2839 elementor-widget elementor-widget-heading" data-id="b0b2839" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">2.1 Manage WordPress User Accounts</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-ef19448 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="ef19448" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3cc5942" data-id="3cc5942" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-f673464 elementor-widget elementor-widget-text-editor" data-id="f673464" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <h4>Remove Default WP-Admin</h4><p>A large majority of attacks target the <strong>wp-admin</strong>, <strong>wp-login.php</strong>, and <strong>xmlrpc.php</strong> access points by using a combination of common usernames and passwords. By using a unique username and removing the default admin account in your WordPress installation, you make it much more difficult for attackers to guess (brute force) their way into your website.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-e3d148f elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="e3d148f" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-6d7a189" data-id="6d7a189" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-763b39a elementor-widget elementor-widget-alert_sucuri" data-id="763b39a" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-2"> <div class="alert-sucuri-flex green-bg"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle"><p>Tip</p></p> </div> <div class="descriptionContent"> <p> </p><p>Create a nickname that's different from your existing username and set it as your public display name. This will make it more difficult for attackers to brute force your login credentials.</p> </div> </div> </div> </div> </div> </div> <div class="elementor-element elementor-element-d38d96b elementor-widget elementor-widget-text-editor" data-id="d38d96b" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <h4>User Roles & the Principle of Least Privilege</h4><p>The <a href="https://blog.sucuri.net/2017/04/the-principle-of-least-privilege.html">principle of least privilege</a> is composed of two very simple steps:</p><ul><li>Use the minimal set of privileges on a system in order to perform an action.</li><li>Grant privileges only for the exact duration that an action is necessary. </li></ul><p>With this concept in mind, WordPress includes built-in roles for Administrators, Authors, Editors, Contributors, and Subscribers. These roles specify what can and cannot be accomplished by a user.</p><h5>Follow these access control recommendations to secure WordPress:</h5><ul><li>Create new user accounts at the lowest level of permission.</li><li>Grant temporary permissions and revoke access when they are no longer needed.</li><li>Delete accounts that are no longer being used.</li><li>Ensure that the default user role is set to Subscriber:<ol><li>Log into WordPress as an <strong>Administrator</strong>.</li><li>Verify that your Subscriber permissions include only the ability to log in and update a profile.</li><li>From the Dashboard, select <strong>Settings > General</strong>.</li><li>Set the New User Default Role to <strong>Subscriber</strong>.</li></ol></li></ul><p>Every so often a vulnerability within a plugin or theme will surface which allows for low-level accounts such as subscribers or contributors to escalate privileges or compromise the website. So, even these accounts should be kept to minimum permissions for best security practices.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-2f8acd1 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="2f8acd1" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-49e5668" data-id="49e5668" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-3ae24ae elementor-widget elementor-widget-menu-anchor" data-id="3ae24ae" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="use-strong-passwords"></div> </div> </div> <div class="elementor-element elementor-element-68d4388 elementor-widget elementor-widget-heading" data-id="68d4388" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">2.2 Use Strong Passwords</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-b42c061 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="b42c061" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1e785b9" data-id="1e785b9" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-5223bbb elementor-widget elementor-widget-text-editor" data-id="5223bbb" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>WordPress password security is an important factor in hardening your website and increasing your WP admin security. Password lists are often used by attackers to brute force WordPress websites. This is why you should always use strong, unique passwords for all of your accounts to improve the security of your WP site.</p><p>Strong passwords should meet the following standards:</p><ul><li>At least 1 uppercase character</li><li>At least 1 lowercase character</li><li>At least 1 digit</li><li>At least 1 special character</li><li>At least 10 characters, (the longer the better) with no more than two identical characters in a row</li></ul> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-f0bf6de elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="f0bf6de" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-5d6de5f" data-id="5d6de5f" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-ca43b9f elementor-widget elementor-widget-alert_sucuri" data-id="ca43b9f" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-1"> <div class="alert-sucuri-flex blue-bg"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle"><p>Note</p></p> </div> <div class="descriptionContent"> <p> </p><p>Using a password generator to generate a randomized string of letters and numbers is one of the simplest ways to create a secure password.</p> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-b416a6a elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="b416a6a" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-336fc4c" data-id="336fc4c" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-3196276 elementor-widget elementor-widget-image" data-id="3196276" data-element_type="widget" data-widget_type="image.default"> <div class="elementor-widget-container"> <img decoding="async" width="492" height="579" src="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Password-Generation.png" class="attachment-medium_large size-medium_large wp-image-9121" alt="" srcset="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Password-Generation.png 492w, https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Password-Generation-255x300.png 255w" sizes="(max-width: 492px) 100vw, 492px" /> </div> </div> <div class="elementor-element elementor-element-022d555 elementor-widget elementor-widget-text-editor" data-id="022d555" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p style="text-align: center;">Password Generation Options</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-f0784e7 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="f0784e7" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-40a102b" data-id="40a102b" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-b1269e8 elementor-widget elementor-widget-alert_sucuri" data-id="b1269e8" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-1"> <div class="alert-sucuri-flex blue-bg"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle"><p>Note</p></p> </div> <div class="descriptionContent"> <p> </p><p>Using a password generator to generate a randomized string of letters and numbers is one of the simplest ways to create a secure password.</p> </div> </div> </div> </div> </div> </div> <div class="elementor-element elementor-element-a0733a2 elementor-widget elementor-widget-text-editor" data-id="a0733a2" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <h4>Use Two Factor Identification (2FA) / Multi Factor Identification (MFA)</h4><p>Two-factor authentication provides a second level of security for your WordPress account. This feature requires a user to approve a login via an app and protects your WordPress account in the event that someone is able to guess your password.</p><p><strong>How to add 2FA to WordPress using Google Authenticator:</strong></p><ol><li>Download and install Google Authenticator on your <a href="https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8">iPhone</a> or <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en">Android</a>.</li><li>Install and activate a 2FA plugin for WordPress like <a href="https://wordpress.org/plugins/miniorange-2-factor-authentication/">miniOrange’s 2FA</a>.</li><li>Select <strong>miniOrange 2-Factor</strong> from the left menu and follow the instructions.</li><li>Once you have obtained your QR code, open Google Authenticator and click on the Add button on the bottom-right hand side of the application.</li><li>Scan the QR code displayed by the plugin using your phone’s camera.</li><li>Verify the code on the plugin page.</li></ol><p><strong>Sucuri’s Website Security Platform</strong> includes a feature that helps you easily password protect or implement 2FA on any page of your website.</p><p>To add 2FA to any page on your website using Sucuri:</p><ol><li>Download and install Google Authenticator on your <a href="https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8">iPhone</a> or <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en">Android</a>.</li><li>Log into the <a href="https://dashboard.sucuri.net/login/">Sucuri Dashboard</a> and navigate to <strong>Website Firewall</strong>.</li><li>Click on the website you would like to protect, then select <strong>Access Control</strong> from the top navigation.</li><li>Enter the page name that you would like to protect (ie. /wp-login.php), then select 2FA with Google Auth from the drop-down menu.</li><li>Click <strong>Protect Page</strong> and scan the QR code with your mobile device using Google Authenticator.</li></ol> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-881d80a elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="881d80a" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e90e883" data-id="e90e883" data-element_type="column"> <div class="elementor-widget-wrap"> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-e68b508 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="e68b508" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-9f25d80" data-id="9f25d80" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-107d90d elementor-widget elementor-widget-image" data-id="107d90d" data-element_type="widget" data-widget_type="image.default"> <div class="elementor-widget-container"> <img decoding="async" width="640" height="234" src="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Add-2fa-768x281.png" class="attachment-medium_large size-medium_large wp-image-9120" alt="" srcset="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Add-2fa-768x281.png 768w, https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Add-2fa-300x110.png 300w, https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Add-2fa.png 800w" sizes="(max-width: 640px) 100vw, 640px" /> </div> </div> <div class="elementor-element elementor-element-dbc9877 elementor-widget elementor-widget-text-editor" data-id="dbc9877" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p style="text-align: center;">Add 2FA with Sucuri</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-02aae52 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="02aae52" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-9b37d6b" data-id="9b37d6b" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-caeaf3c elementor-widget elementor-widget-menu-anchor" data-id="caeaf3c" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="limit-login-attempts"></div> </div> </div> <div class="elementor-element elementor-element-b78b230 elementor-widget elementor-widget-heading" data-id="b78b230" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">2.3 Limit WordPress Login Attempts</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-9cd84b9 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="9cd84b9" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-6f499d9" data-id="6f499d9" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-b18ea28 elementor-widget elementor-widget-text-editor" data-id="b18ea28" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>WordPress allows users to attempt a login unlimited times by default, but this leaves your site vulnerable to brute force attacks as hackers try to attempt different password combinations.</p><p>You can add an extra layer of security by limiting the number of login attempts against an account through a plugin, or by using a Web Application Firewall (WAF).</p><p>Some popular plugins that provide you with this feature include Limit <a href="https://en-ca.wordpress.org/plugins/limit-login-attempts/">Login Attempts</a>, <a href="https://en-ca.wordpress.org/plugins/wp-limit-login-attempts/">WP Limit Login Attempts</a>, and <a href="https://en-ca.wordpress.org/plugins/loginizer/">Loginizer</a>.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-dfa5ea8 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="dfa5ea8" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-a268fb9" data-id="a268fb9" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-932e5ea elementor-widget elementor-widget-menu-anchor" data-id="932e5ea" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="use-captchas"></div> </div> </div> <div class="elementor-element elementor-element-b267c11 elementor-widget elementor-widget-heading" data-id="b267c11" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">2.4 Use Pre-login CAPTCHAs</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-3695a3e elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="3695a3e" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-0ae9cfe" data-id="0ae9cfe" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-ac27b52 elementor-widget elementor-widget-text-editor" data-id="ac27b52" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>The acronym stands for <strong>Completely Automated Public Turing test to tell Computers and Humans Apart</strong>. This feature is extremely useful for stopping automated bots from accessing your WordPress dashboard, as well as submitting unwanted spam through forms.</p><p>Popular plugins that add a CAPTCHA to your WordPress login page include <a href="https://en-ca.wordpress.org/plugins/captcha/">Captcha</a> and <a href="https://en-ca.wordpress.org/plugins/really-simple-captcha/">Really Simple Captcha</a>.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-2ffd799 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="2ffd799" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-543d6ae" data-id="543d6ae" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-2ac43ca elementor-widget elementor-widget-image" data-id="2ac43ca" data-element_type="widget" data-widget_type="image.default"> <div class="elementor-widget-container"> <img loading="lazy" decoding="async" width="314" height="125" src="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Captcha.png" class="attachment-medium_large size-medium_large wp-image-9119" alt="" srcset="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Captcha.png 314w, https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Captcha-300x119.png 300w" sizes="(max-width: 314px) 100vw, 314px" /> </div> </div> <div class="elementor-element elementor-element-ea59553 elementor-widget elementor-widget-text-editor" data-id="ea59553" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p style="text-align: center;">Pre-Login Captchas</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-6054780 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="6054780" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e7c32f9" data-id="e7c32f9" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-4560c13 elementor-widget elementor-widget-menu-anchor" data-id="4560c13" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="restrict-access-urls"></div> </div> </div> <div class="elementor-element elementor-element-dd7b265 elementor-widget elementor-widget-heading" data-id="dd7b265" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">2.5 Restrict access to authenticated URLs</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-f0bbc27 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="f0bbc27" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-0179e28" data-id="0179e28" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-cd35fa7 elementor-widget elementor-widget-text-editor" data-id="cd35fa7" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>Limiting the access to your WordPress login page to only authorized IP’s will prevent unauthorized entries and better secure your site.</p><p>There are plugins available that can do this. If you are using a cloud-based WAF like the <a href="https://sucuri.net/website-firewall/">Sucuri Firewall</a>, you can restrict access to these URL’s via your dashboard without having to mess around with .htaccess files.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-010ec53 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="010ec53" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-633fbc8" data-id="633fbc8" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-524e1c6 elementor-widget elementor-widget-image" data-id="524e1c6" data-element_type="widget" data-widget_type="image.default"> <div class="elementor-widget-container"> <figure class="wp-caption"> <img loading="lazy" decoding="async" width="605" height="217" src="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Allowlist.png" class="attachment-large size-large wp-image-9118" alt="" srcset="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Allowlist.png 605w, https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-A-Wordpress-Guide-Allowlist-300x108.png 300w" sizes="(max-width: 605px) 100vw, 605px" /> <figcaption class="widget-image-caption wp-caption-text">Allowlist IP addresses with the <a href="https://sucuri.net/website-firewall/">Sucuri firewall</a>. </figcaption> </figure> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-cb07276 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="cb07276" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4e9bb35" data-id="4e9bb35" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-99227a3 elementor-widget elementor-widget-menu-anchor" data-id="99227a3" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="Step-3"></div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-48ce268 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="48ce268" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b80ea4c" data-id="b80ea4c" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <section class="elementor-section elementor-inner-section elementor-element elementor-element-222d1ba elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="222d1ba" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-3306c15" data-id="3306c15" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-a74c436 elementor-widget elementor-widget-heading" data-id="a74c436" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">3</h2> </div> </div> <div class="elementor-element elementor-element-eb286ef elementor-widget elementor-widget-heading" data-id="eb286ef" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Set Up WordPress Monitoring & Detection</h2> </div> </div> </div> </div> </div> </section> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-52d386d elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="52d386d" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b35d986" data-id="b35d986" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-94d7aad elementor-widget elementor-widget-text-editor" data-id="94d7aad" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>In the field of Information Security (InfoSec) we like to use the phrase <strong>defense in depth</strong>. To appreciate this ideology, you have to subscribe to a very simple principle: <strong>There is no 100% complete solution capable of protecting any environment</strong>.</p><p>In this section, we’ve listed a number of solutions you can employ on your WordPress website to provide an effective defense in depth strategy. By layering these defensive controls, you’ll be able to identify and mitigate attacks against your website.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-530de42 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="530de42" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-9c25251" data-id="9c25251" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-fc45b48 elementor-widget elementor-widget-menu-anchor" data-id="fc45b48" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="security-plugins"></div> </div> </div> <div class="elementor-element elementor-element-a27b65f elementor-widget elementor-widget-heading" data-id="a27b65f" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">3.1 WordPress Security Plugins</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-dcad2c9 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="dcad2c9" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-59b115c" data-id="59b115c" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-ae3e9a5 elementor-widget elementor-widget-text-editor" data-id="ae3e9a5" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>If you go to the <a href="https://wordpress.org/plugins/">official WordPress repository</a> and do a quick search for “security”, you will find thousands of plugins with distinct categorizations and feature sets. If you’re looking for a smaller list, be sure to check out our list of the <a href="https://sucuri.net/wordpress-security-plugin/">best WordPress security plugins</a> to help keep your website safe.</p><p>We’ll break down the categories and explain their importance so you can find the right solutions for your needs.</p><h4>WordPress Security Plugin – Prevention Category</h4><p>These plugins look to provide some level of prevention, otherwise known as a perimeter defense for your website. Their objective is to stop hacks from happening by filtering incoming traffic.</p><p>Prevention plugins are often limited to working at the application layer, meaning the attack has to hit the WordPress application for them to respond. Attacks against server software cannot be prevented with security plugins, which is why we recommend considering a cloud-based WAF instead.</p><h4>WordPress Security Plugin – Detection Category</h4><p>Protection is great for known issues, but not so great for the unknown. Being able to detect anything that gets past your perimeter defense is extremely valuable, which is where detection comes into play.</p><p>These plugins will attempt to identify intruders through File Integrity Checks, scanning for indicators of compromise, or a combination of the two mechanisms.</p><p>The effectiveness of these plugins is strictly determined by the order in which they are installed. For instance, if the plugin is based on integrity checks, then it needs to be installed on a fresh, known-good environment so that it can create a baseline to check from to keep your WordPress secure.</p><p>Some plugins may compare known third-party themes and plugins to their own repository in order to work with websites that have already been compromised, but these are not compatible with customized or little-known files.</p> </div> </div> <div class="elementor-element elementor-element-8bc6934 elementor-widget elementor-widget-alert_sucuri" data-id="8bc6934" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-1"> <div class="alert-sucuri-flex blue-bg"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle"><p>Tip</p></p> </div> <div class="descriptionContent"> <p> </p><p>Detection plugins are important in identifying if something has gone wrong on your website. These tools ensure that you’re informed when a security incident occurs.</p> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-acbacc2 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="acbacc2" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-beffb9b" data-id="beffb9b" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-f56e7fc elementor-widget elementor-widget-text-editor" data-id="f56e7fc" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <h4>WordPress Security Plugin – Auditing Category</h4><p>Contrary to popular belief, WordPress security is not a set it and forget it undertaking. You have to invest time into the process and get acclimated with what is going on, who is logging in, what is changing, and when the changes are being made.</p><p>Auditing plugins can help you answer the questions above by offering basic administration features that help you identify, thwart, or respond to a compromise.</p><h4>WordPress Security Plugin – Utility Category</h4><p>This is perhaps the most diverse bucket of the entire WordPress Security Plugin ecosystem. Some plugins are those we consider to be the Swiss Army knives of the security landscape. These utility plugins have a much smaller set of functionality.</p><p>These plugins can be exhaustive in their security configuration options. They have every possible configuration you could or might ever want to employ and are best suited for users who like to tinker or want the ability to configure specific options to meet their needs. For example, some security plugins simply disable XML-RPC or move your login page.</p><p>We also reserve this category for toolsets like backups or maintenance plugins that address specific security functions.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-8c66ae0 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="8c66ae0" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1f3c351" data-id="1f3c351" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-c114a19 elementor-widget elementor-widget-menu-anchor" data-id="c114a19" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="hosting-security"></div> </div> </div> <div class="elementor-element elementor-element-bf91212 elementor-widget elementor-widget-heading" data-id="bf91212" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">3.2 Website Hosting Security</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-b1ebe2b elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="b1ebe2b" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-c05c172" data-id="c05c172" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-d2a29f4 elementor-widget elementor-widget-text-editor" data-id="d2a29f4" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>Website hosting security has matured in recent years, and it’s a complex topic.</p><p>Most hosts provide the security you require at various levels in the stack, but not for the website itself. There are a number of hosting providers that offer security for an additional fee, but unless you’ve purchased a security product from them, it’s unlikely that they’ll resolve a compromise for you.</p><p>There are four main hosting environments that can be used for your WordPress installation:</p><ul><li>Shared Hosting Environments</li><li>Virtual Private Server (VPS) Environments</li><li>Managed Hosting Environments</li><li>Dedicated Servers</li></ul><p>In theory, the environments that remove the most dependency from the user will offer the most security. If you have the time and skill to secure your own environment, then you have more options but also more responsibility.</p><p>In reality, however, the type of hosting environment you choose should be dictated by your needs and expertise:</p><ul><li>If you’re someone that has little understanding of how websites work, then it’s in your best interest to go with a managed environment.</li><li>If you’re an organization with your own network operations center (NOC), information security operations center (SOC), or dedicated sysadmins, then a VPS or dedicated server provides better isolation of your environment (assuming it’s properly configured).</li></ul><p>You can also initiate a conversation with your hosting provider to identify what their stance is on security. Some key points should be addressed:</p><ul><li>What security precautions are they taking to protect your website (not just their server)?</li><li>What actions will they take if they identify malware on one of your websites?</li><li>How often do they look for malware?</li><li>Do they offer incident response services?</li><li>Will you need to reach out to a third party if your site is hacked?</li></ul><h4>SFTP/SSH Connections</h4><p>Secure file transfer to and from your server is an important facet of website security in your hosting environment. Encryption ensures that any data sent is protected from prying eyes who may be sniffing your network traffic.</p><p>We recommend using one of the following methods to connect to your server and keep your WordPress secure:</p><p><strong>SSH</strong>: Secure Socket Shell is a secure network protocol and the most common way of safely administering remote servers. With Secure Socket Shell, any kind of authentication, including password authentication and file transfers, is completely encrypted.</p><p><strong>SFTP</strong>: SSH File Transfer Protocol is an extension of SSH and allows authentication over a secure channel. If you are using FileZilla or some other FTP client, you can often select SFTP instead. The default port for SFTP in most FTP services is 22.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-9fad9fc elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="9fad9fc" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e897864" data-id="e897864" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-41835ec elementor-widget elementor-widget-alert_sucuri" data-id="41835ec" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-3"> <div class="alert-sucuri-flex yellow-bg"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle"><p>Note</p></p> </div> <div class="descriptionContent"> <p>Use carefully isolated FTP and user accounts on Shared Server environments to prevent cross-site contamination.</p> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-dba0d7d elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="dba0d7d" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-513f1fe" data-id="513f1fe" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-aa28298 elementor-widget elementor-widget-menu-anchor" data-id="aa28298" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="backup-wordpress"></div> </div> </div> <div class="elementor-element elementor-element-84e9a86 elementor-widget elementor-widget-heading" data-id="84e9a86" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">3.3 Backup your WordPress website</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-c63a6a4 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="c63a6a4" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-af078eb" data-id="af078eb" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-21d9eaf elementor-widget elementor-widget-text-editor" data-id="21d9eaf" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>Maintaining backups of your WordPress site should be one of the most important recurring tasks for an administrator in order to improve security.</p><p>A good set of backups can save your website when absolutely everything else has gone wrong. If a malicious attacker decides they want to wipe all your site files or corrupts your site files with their buggy scripts, the damage can be undone by restoring your site from your backups.</p><p>There are four key requirements for employing a <a href="https://sucuri.net/website-backups/">successful backup solution:</a></p><ol><li><strong>Offsite Location:</strong> Your backups should be stored offsite and not on the same server as your website. Backups stored on your web server pose a serious security risk because they often contain old unpatched software with vulnerabilities, and due to their publicly-accessible location, anyone can exploit them to attack your live website. Off-site backups also help protect against hardware failure. If your web server hard drive fails, you can easily lose all your data – the live site and the backups.</li><li><strong>Automatic:</strong> Backup systems should be completely automated to ensure that backups are made on a regular basis. Humans are lazy and forgetful so you can mitigate user error through automation. If a manual solution is your only option, then make sure you schedule a time to perform the backups regularly.</li><li><strong>Redundant:</strong> <a href="https://www.zdnet.com/article/follow-schofields-three-laws-of-computing-and-avoid-disasters/">Schofield’s Second Law of Computing</a> states that data doesn’t exist unless there are at least two copies of it. This means that your backup strategy has to include redundancy or backups of your backups.</li><li><strong>Tested & True:</strong> Make sure that the restore process actually works. Start with an empty web directory and then make sure you can use those backups to get all your data back and the website back online with a test domain using nothing but the backup file.</li></ol> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-92ef7f6 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="92ef7f6" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7f46777" data-id="7f46777" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-d6194f8 elementor-widget elementor-widget-menu-anchor" data-id="d6194f8" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="intrusion-detection-tools"></div> </div> </div> <div class="elementor-element elementor-element-3863a83 elementor-widget elementor-widget-heading" data-id="3863a83" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">3.4 Intrusion Detection Tools</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-4226229 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4226229" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2444a72" data-id="2444a72" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-015582c elementor-widget elementor-widget-text-editor" data-id="015582c" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>There are a number of tools you can use to help identify when something has gone wrong on your website. To help you respond quickly to a security breach, employ a tool that includes the following services.</p><h4>Integrity Monitoring</h4><p>Integrity checks are an important aspect of auditing your WordPress installation and can give you an early warning of an intrusion on your website.</p><p>File Integrity Monitoring tools are normally installed on a server where they create a baseline cryptographic checksum of the critical files and registry entries. If a file or record is modified in any way, you’ll receive a notification of the changes.</p><p>You can install the <a href="https://sucuri.net/wordpress-security-plugin/">free Sucuri Scanner plugin for WordPress </a>to use our core file integrity monitoring system.</p><h4>Auditing / Alerts</h4><p>Auditing tools give you visibility into user activity on the website.</p><p>As the administrator of your website you should be asking questions like:</p><ol><li>Who is logging in?</li><li>Should they be logging in?</li><li>Why are they changing that post?</li><li>Why are they logging in when they should be sleeping?</li><li>Who installed that plugin?</li></ol><p>We cannot stress enough the importance of logging activity. Use a tool that logs and alerts you of any actions taken on your website, including:</p><ol><li>User authentication success and failures</li><li>User creation/removal</li><li>File uploads</li><li>Post and page creation</li><li>Post and page publishing</li><li>Widget modification/activation</li><li>Plugin installation</li><li>Theme modifications</li><li>Settings modifications</li></ol><h4>Create a Response and Recovery Plan</h4><p>Response and recovery aren’t just about responding to a compromise or incident, it’s about analyzing the impacts of an attack to understand what happened, and implementing controls to prevent it from happening again.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-e8b67fb elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="e8b67fb" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1172acb" data-id="1172acb" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-9575b63 elementor-widget elementor-widget-image" data-id="9575b63" data-element_type="widget" data-widget_type="image.default"> <div class="elementor-widget-container"> <figure class="wp-caption"> <img loading="lazy" decoding="async" width="640" height="519" src="https://sucuri.net/wp-content/uploads/2023/02/sucuri-wordpress-plugin-example-768x623.png" class="attachment-medium_large size-medium_large wp-image-10385" alt="Sucuri WordPress Plugin Core WordPress Files Modified" srcset="https://sucuri.net/wp-content/uploads/2023/02/sucuri-wordpress-plugin-example-768x623.png 768w, https://sucuri.net/wp-content/uploads/2023/02/sucuri-wordpress-plugin-example-300x243.png 300w, https://sucuri.net/wp-content/uploads/2023/02/sucuri-wordpress-plugin-example.png 985w" sizes="(max-width: 640px) 100vw, 640px" /> <figcaption class="widget-image-caption wp-caption-text">WordPress integrity monitoring alerts with the Sucuri WordPress plugin. </figcaption> </figure> </div> </div> <div class="elementor-element elementor-element-c4dc3e7 elementor-widget elementor-widget-text-editor" data-id="c4dc3e7" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <h3><strong><a style="color: #028673;">Secure & Clean Your WordPress Website</a></strong></h3><div> </div><p>We actively maintain a free <a href="https://sucuri.net/comparison-best-wordpress-security-plugin/">WordPress Security Plugin</a> that includes all of the features listed above to enhance security and identify indicators of compromise in your enviroment.</p><p>If you believe your WordPress site has been hacked, read our <a href="https://sucuri.net/guides/how-to-clean-hacked-wordpress">How to Clean a Hacked WordPress</a> guide or reach out to our Malware Removal team. <a href="https://sucuri.net/website-malware-removal/">Our professional Security Analysts are available 24/7/365</a>.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-d7fbc32 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="d7fbc32" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-f81a535" data-id="f81a535" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <section class="elementor-section elementor-inner-section elementor-element elementor-element-7fdac4a elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="7fdac4a" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-ce09949" data-id="ce09949" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-74b3838 elementor-widget elementor-widget-menu-anchor" data-id="74b3838" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="Step-4"></div> </div> </div> <div class="elementor-element elementor-element-7b14678 elementor-widget elementor-widget-heading" data-id="7b14678" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">4</h2> </div> </div> <div class="elementor-element elementor-element-5c62b8a elementor-widget elementor-widget-heading" data-id="5c62b8a" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Harden Your WordPress Site</h2> </div> </div> <div class="elementor-element elementor-element-c77be02 elementor-widget elementor-widget-alert_sucuri" data-id="c77be02" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-4"> <div class="alert-sucuri-flex red-bg"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle"><p>Caution</p></p> </div> <div class="descriptionContent"> <p>The following recommendations are for server administrators with knowledge of how these files work. If you do not feel comfortable with these suggestions, we recommend using a <a href="https://blog.sucuri.net/2022/09/a-guide-to-virtual-patching-for-website-vulnerabilities.html" target="_blank" rel="noopener">website firewall that includes virtual hardening</a> instead.</p> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-354f6ef elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="354f6ef" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e0a845a" data-id="e0a845a" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-87ee6af elementor-widget elementor-widget-menu-anchor" data-id="87ee6af" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="secure-htaccess"></div> </div> </div> <div class="elementor-element elementor-element-76676a3 elementor-widget elementor-widget-heading" data-id="76676a3" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">4.1 Secure .htacccess Configurations</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-389289c elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="389289c" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-52ce1ae" data-id="52ce1ae" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-e99cb50 elementor-widget elementor-widget-text-editor" data-id="e99cb50" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>The .htaccess file is what most vendors will modify when they say they are hardening your WordPress environment.</p><p>This critical configuration file is specific for web servers running on Apache. If you’re running your WordPress instance on a LAMP stack using Apache, then we recommend hardening your site by updating your .htaccess file with the following rules.</p> </div> </div> <div class="elementor-element elementor-element-3e95a51 elementor-widget elementor-widget-alert_sucuri" data-id="3e95a51" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-1"> <div class="alert-sucuri-flex blue-bg"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle"><p>Note</p></p> </div> <div class="descriptionContent"> <p>Some of the rules below are dependent on the version of Apache you are running. In those cases, we have included instructions for both versions 2.2 and 2.4 of Apache Server.</p> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-55ec841 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="55ec841" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-c3cbd44" data-id="c3cbd44" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-35fb834 elementor-widget elementor-widget-heading" data-id="35fb834" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">/.HTACCESS</h3> </div> </div> </div> </div> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-5646b54" data-id="5646b54" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-edc3231 elementor-widget elementor-widget-heading" data-id="edc3231" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">Rule Explanation</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-60bbfb4 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="60bbfb4" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-1cfbfea" data-id="1cfbfea" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-57dd6e5 elementor-widget elementor-widget-code-highlight" data-id="57dd6e5" data-element_type="widget" data-widget_type="code-highlight.default"> <div class="elementor-widget-container"> <div class="prismjs-default copy-to-clipboard "> <pre data-line="" class="highlight-height language-json line-numbers"> <code readonly="true" class="language-json"> <xmp># BEGIN WordPress # Rewrite rule <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ – [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress</xmp> </code> </pre> </div> </div> </div> </div> </div> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-b95649e" data-id="b95649e" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-9b3b46e elementor-widget elementor-widget-text-editor" data-id="9b3b46e" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><strong>Rewrite Rule:</strong></p><p>This rule is generated by WordPress if it has write access to your server, most notably to fix issues with pretty permalinks.</p><p>If it isn’t at the top of your file, place at the top of your .htaccess file. Any other rules should go after the # BEGIN WordPress and # END WordPress statements.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-276820a elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="276820a" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-11e1ebb" data-id="11e1ebb" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-a5f3cb2 elementor-widget elementor-widget-code-highlight" data-id="a5f3cb2" data-element_type="widget" data-widget_type="code-highlight.default"> <div class="elementor-widget-container"> <div class="prismjs-default copy-to-clipboard "> <pre data-line="" class="highlight-height language-json line-numbers"> <code readonly="true" class="language-json"> <xmp># Block IPs for login Apache 2.2 <files /wp-login.php> order deny, allow allow from MYIP allow from MYIPIP2 deny from all </files> # Block IPS for login Apache 2.4 <Files “wp-login.php”> Require all denied </Files></xmp> </code> </pre> </div> </div> </div> </div> </div> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-08d5817" data-id="08d5817" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-4defbfc elementor-widget elementor-widget-text-editor" data-id="4defbfc" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><strong>Restrict Logins to IP Range</strong></p><p>This rule restricts access to wp-login.php to an IP, protecting you from unauthorized login attempts in other locations. Even if you do not have a static IP, you can still restrict logins to your ISP common range.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-1b8cdcb elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="1b8cdcb" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-4ca17eb" data-id="4ca17eb" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-b549edc elementor-widget elementor-widget-code-highlight" data-id="b549edc" data-element_type="widget" data-widget_type="code-highlight.default"> <div class="elementor-widget-container"> <div class="prismjs-default copy-to-clipboard "> <pre data-line="" class="highlight-height language-json line-numbers"> <code readonly="true" class="language-json"> <xmp><FilesMatch "wp-config\.php"> Require all denied </FilesMatch"> </xmp> </code> </pre> </div> </div> </div> </div> </div> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-0f550be" data-id="0f550be" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-1641135 elementor-widget elementor-widget-text-editor" data-id="1641135" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><strong>Protect wp-config.php</strong></p><p>This rule restricts visitors from accessing your wp-config.php file, which contains sensitive database information, including name, host, username and password. It also defines advanced settings, security keys and developer options.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-c7edd56 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="c7edd56" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-340fe72" data-id="340fe72" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-085245f elementor-widget elementor-widget-code-highlight" data-id="085245f" data-element_type="widget" data-widget_type="code-highlight.default"> <div class="elementor-widget-container"> <div class="prismjs-default copy-to-clipboard "> <pre data-line="" class="highlight-height language-json line-numbers"> <code readonly="true" class="language-json"> <xmp># Prevent directory browsing Options All -Indexes</xmp> </code> </pre> </div> </div> </div> </div> </div> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-0ff1d06" data-id="0ff1d06" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-09ce9e1 elementor-widget elementor-widget-text-editor" data-id="09ce9e1" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><strong>Prevent Directory Browsing</strong></p><p>This rule prevents attackers from viewing the folder contents of your website, restricting the information they have to exploit your website.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-b461b08 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="b461b08" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-b1928bf" data-id="b1928bf" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-57774aa elementor-widget elementor-widget-code-highlight" data-id="57774aa" data-element_type="widget" data-widget_type="code-highlight.default"> <div class="elementor-widget-container"> <div class="prismjs-default copy-to-clipboard "> <pre data-line="" class="highlight-height language-json line-numbers"> <code readonly="true" class="language-json"> <xmp># Prevent image hotlinking RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} \ !^http://(www\.)example.com/.*$ [NC] RewriteRule \.(gif|jpg|jpeg|bmp|png)$ – [NC,F,L]</xmp> </code> </pre> </div> </div> </div> </div> </div> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-a5ac188" data-id="a5ac188" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-fc70681 elementor-widget elementor-widget-text-editor" data-id="fc70681" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><strong>Prevent Image Hotlinking</strong></p><p>This rule prevents other websites from using images hosted on your website. While hotlinking won’t get your site hacked, it can result in a damaging exploitation of your server resources. Change example.com to your website.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-55c411d elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="55c411d" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-8a59613" data-id="8a59613" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-8d93d25 elementor-widget elementor-widget-code-highlight" data-id="8d93d25" data-element_type="widget" data-widget_type="code-highlight.default"> <div class="elementor-widget-container"> <div class="prismjs-default copy-to-clipboard "> <pre data-line="" class="highlight-height language-json line-numbers"> <code readonly="true" class="language-json"> <xmp># Protect htaccess Apache 2.2 <files ~ “^.*\.([Hh][Tt][Aa])”> order allow, deny deny from all satisfy all </files> # Protect htaccess Apache 2.4 <FilesMatch “^.*\.([Hh][Tt][Aa])”> Require all denied </FilesMatch></xmp> </code> </pre> </div> </div> </div> </div> </div> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-c4d6305" data-id="c4d6305" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-1b5f7ca elementor-widget elementor-widget-text-editor" data-id="1b5f7ca" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><strong>Protect .htaccess</strong></p><p>This rule prevents attackers from accessing any files that start with “hta” – this ensures that .htaccess files are protected in all of the directories of your server.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-8d288da elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="8d288da" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-c93b340" data-id="c93b340" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-f52f596 elementor-widget elementor-widget-code-highlight" data-id="f52f596" data-element_type="widget" data-widget_type="code-highlight.default"> <div class="elementor-widget-container"> <div class="prismjs-default copy-to-clipboard "> <pre data-line="" class="highlight-height language-json line-numbers"> <code readonly="true" class="language-json"> <xmp># Block Includes <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^wp-admin/includes/ – [F,L] RewriteRule !^wp-includes/ – [S=3] RewriteRule ^wp-includes/[^/]+\.php$ – [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php \ – [F,L] RewriteRule ^wp-includes/theme-compat/ – [F,L] </IfModule></xmp> </code> </pre> </div> </div> </div> </div> </div> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-c9c68de" data-id="c9c68de" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-4c0494e elementor-widget elementor-widget-text-editor" data-id="4c0494e" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><strong>Block Includes</strong></p><p>This rule blocks hackers from inserting malicious files into any of the four primary folders used for includes:</p><p>/wp-admin/includes/<br />/wp-includes<br />/wp-includes/js/tinymce/langs/<br />/wp-includes/theme-compat/</p><p><br />If you run a multisite instance of WordPress, these directives may cause issues. Always test and use caution.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-6d1b6ea elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="6d1b6ea" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-3a8bc44" data-id="3a8bc44" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-ee95f37 elementor-widget elementor-widget-heading" data-id="ee95f37" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">/WP-INCLUDES/.HTACCESS &</br></br> /WP-CONTENT/UPLOADS/.HTACCESS</h3> </div> </div> </div> </div> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-b729a0c" data-id="b729a0c" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-cba5152 elementor-widget elementor-widget-heading" data-id="cba5152" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">Rule Explanation</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-f06fffa elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="f06fffa" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-3228265" data-id="3228265" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-0844a59 elementor-widget elementor-widget-code-highlight" data-id="0844a59" data-element_type="widget" data-widget_type="code-highlight.default"> <div class="elementor-widget-container"> <div class="prismjs-default copy-to-clipboard "> <pre data-line="" class="highlight-height language-json line-numbers"> <code readonly="true" class="language-json"> <xmp># Backdoor Protection Apache 2.2 <Files *.php> deny from all </Files> # Backdoor Protection Apache 2.4 <FilesMatch “.+\.php$”> Require all denied </FilesMatch></xmp> </code> </pre> </div> </div> </div> </div> </div> <div class="elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-4f6ae4e" data-id="4f6ae4e" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-8293e78 elementor-widget elementor-widget-text-editor" data-id="8293e78" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><strong>Prevent PHP Backdoors</strong></p><p>This rule prevents hackers from placing PHP backdoors in the <strong>/wp-includes/</strong> and <strong>/wp-content/uploads/</strong> folders, two popular locations for malicious file uploads.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-1cf57cf elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="1cf57cf" data-element_type="section" data-settings="{"background_background":"gradient"}"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-86e9458" data-id="86e9458" data-element_type="column" data-settings="{"background_background":"classic"}"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-a6f9527 elementor-widget elementor-widget-heading" data-id="a6f9527" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Security from WordPress threats and malware.</h2> </div> </div> <div class="elementor-element elementor-element-4adce6d elementor-widget elementor-widget-text-editor" data-id="4adce6d" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p style="text-align: center;">Our Web Application Firewall (WAF) and Intrusion Prevention System (IPS) helps mitigate automated attacks, website malware, and bad bots.</p> </div> </div> <div class="elementor-element elementor-element-c2f2b25 elementor-align-center elementor-mobile-align-center elementor-widget elementor-widget-button" data-id="c2f2b25" data-element_type="widget" data-gatrack="Button_Click, WPSecurity_Guide_Learn_More" data-widget_type="button.default"> <div class="elementor-widget-container"> <div class="elementor-button-wrapper"> <a class="elementor-button elementor-button-link elementor-size-md" href="https://sucuri.net/website-hack-protection/"> <span class="elementor-button-content-wrapper"> <span class="elementor-button-text">Learn More</span> </span> </a> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-de4e61c elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="de4e61c" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-a4f11eb" data-id="a4f11eb" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-5622ce3 elementor-widget elementor-widget-menu-anchor" data-id="5622ce3" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="wordpress-security-application-configurations"></div> </div> </div> <div class="elementor-element elementor-element-307372b elementor-widget elementor-widget-heading" data-id="307372b" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h3 class="elementor-heading-title elementor-size-default">4.2 WordPress Security Application Configurations</h3> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-b28881a elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="b28881a" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-fa31276" data-id="fa31276" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-b15243f elementor-widget elementor-widget-text-editor" data-id="b15243f" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><strong>Move WP-Config outside the root folder</strong></p><p>The wp-config.php file is a very important configuration file containing sensitive information about your WordPress site, including database connections.</p><p>If the wp-config.php file does not exist in the root folder, WordPress will automatically look for this file in the folder above the root directory. Moving this file out of the root folder prevents wp-config.php from being accessible from the Internet.</p><p><strong>Setup Salts & Keys</strong></p><p>The wp-config file includes a section dedicated to authentication salts and keys. These salts and keys improve the security of cookies and passwords that are in transit between your browser and the web server.</p><p>You can set up your keys by including or editing these lines after the other define statements in your <strong>wp-config.php</strong> file:</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-5ca4d35 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="5ca4d35" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-218e845" data-id="218e845" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-be76ca8 elementor-widget elementor-widget-code-highlight" data-id="be76ca8" data-element_type="widget" data-widget_type="code-highlight.default"> <div class="elementor-widget-container"> <div class="prismjs-default copy-to-clipboard "> <pre data-line="" class="highlight-height language-markup "> <code readonly="true" class="language-markup"> <xmp>define(‘AUTH_KEY’, ‘include salt here’); define(‘SECURE_AUTH_KEY’, ‘include salt here’); define(‘LOGGED_IN_KEY’, ‘include salt here’); define(‘NONCE_KEY’, ‘include salt here’);</xmp> </code> </pre> </div> </div> </div> <div class="elementor-element elementor-element-93f6b9d elementor-widget elementor-widget-text-editor" data-id="93f6b9d" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>You can easily generate your salts by navigating to the <a href="https://api.wordpress.org/secret-key/1.1/salt/">wordpress.org salt generator</a> or using the reset salts + keys option in our WordPress Plugin.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-33694da elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="33694da" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2527068" data-id="2527068" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-93a6650 elementor-widget elementor-widget-alert_sucuri" data-id="93a6650" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-4"> <div class="alert-sucuri-flex red-bg"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle">Important</p> </div> <div class="descriptionContent"> <p>If you suspect that the secret keys have been compromised, regenerate them as soon as possible. All users will need to re-authenticate.</p> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-90edcc4 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="90edcc4" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-84639e6" data-id="84639e6" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-91b0c30 elementor-widget elementor-widget-text-editor" data-id="91b0c30" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>Disable File Editing</p><p>By default, file changes can be made through <strong>Appearance > Editor</strong> from the WordPress dashboard.</p><p>You can increase your WordPress security by disabling file editing from the dashboard. This prevents an attacker from changing your files through the backend or wp-admin. You will still be able to make changes via SFTP/SSH.</p><p>To disable file editing from the dashboard, include the following two lines of code at the end of your<strong> wp-config.php</strong> file:</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-4721cbf elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4721cbf" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-cf81034" data-id="cf81034" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-51e51b8 elementor-widget elementor-widget-code-highlight" data-id="51e51b8" data-element_type="widget" data-widget_type="code-highlight.default"> <div class="elementor-widget-container"> <div class="prismjs-default copy-to-clipboard "> <pre data-line="" class="highlight-height language-markup "> <code readonly="true" class="language-markup"> <xmp>## Disable Editing in Dashboard define(‘DISALLOW_FILE_EDIT’, true);</xmp> </code> </pre> </div> </div> </div> <div class="elementor-element elementor-element-7870117 elementor-widget elementor-widget-text-editor" data-id="7870117" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>The purpose of this function is to prevent attackers from being able to modify files directly through the wp-admin dashboard. It is very common for attackers to edit in backdoors into theme or plugin files after a successful wp-admin compromise. By defining disallow_file_edit, you’ll limit attackers’ ability to establish backdoor access as well as deliver their payload.</p><p>Keep in mind that this can limit admin functionality once enabled.</p> </div> </div> <div class="elementor-element elementor-element-a0f9305 elementor-widget elementor-widget-alert_sucuri" data-id="a0f9305" data-element_type="widget" data-widget_type="alert_sucuri.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-alert-sucuri type-1"> <div class="alert-sucuri-flex blue-bg"> <div class="right-content"> <div class="headingContent"> <p class="headingTitle">Note</p> </div> <div class="descriptionContent"> <p>Some plugins disable file editing as part of their hardening process, or as an extra setting.</p> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-4b19bf3 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="4b19bf3" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-d72c83d" data-id="d72c83d" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-e450d4f elementor-widget elementor-widget-text-editor" data-id="e450d4f" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p><strong>Virtual Hardening</strong></p><p>Virtual hardening is part of a defense-in-depth strategy that protects your web server and database from vulnerability exploitation. Virtual hardening is the act of adding multiple layers of protection to a website to reduce the attack surface.</p><p>If a security patch is released but you are unable to update your site, it becomes an easy target for hackers. One effective way to mitigate this risk is to employ a virtual patching service on your website.</p><p>Virtual patching can be accomplished through the use of a Web Application Firewall, where vulnerabilities are patched automatically to protect against known security threats.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-621397c elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="621397c" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4c94e69" data-id="4c94e69" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <section class="elementor-section elementor-inner-section elementor-element elementor-element-c438cbd elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="c438cbd" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-d2123eb" data-id="d2123eb" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-c3fa93a elementor-widget elementor-widget-menu-anchor" data-id="c3fa93a" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="protect-wordpress-with-a-firewall"></div> </div> </div> <div class="elementor-element elementor-element-b6017b4 elementor-widget elementor-widget-heading" data-id="b6017b4" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">5</h2> </div> </div> <div class="elementor-element elementor-element-e7b2032 elementor-widget elementor-widget-heading" data-id="e7b2032" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Protect WordPress With a Firewall</h2> </div> </div> </div> </div> </div> </section> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-8316afc elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="8316afc" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-80e6370" data-id="80e6370" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-1fcb1c3 elementor-widget elementor-widget-text-editor" data-id="1fcb1c3" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>One of the easiest ways to protect your WordPress website from hackers is to employ the use of a Web Application Firewall (WAF) like the <a href="https://sucuri.net/website-firewall/wordpress-firewall/">Sucuri Firewall</a>.</p><p>Website firewalls work to identify, filter, and block malicious traffic from reaching your site. All HTTP/HTTPS traffic is inspected. If a malicious bot or hacker tool attempts an attack, the website firewall blocks it automatically to protect your WordPress website before it even reaches your server.</p> </div> </div> <div class="elementor-element elementor-element-0c57fb9 elementor-widget elementor-widget-image" data-id="0c57fb9" data-element_type="widget" data-widget_type="image.default"> <div class="elementor-widget-container"> <figure class="wp-caption"> <img loading="lazy" decoding="async" width="640" height="443" src="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-Web-Application-Firewall-Image2.png" class="attachment-medium_large size-medium_large wp-image-9132" alt="How an application firewall works to filter malicious traffic." srcset="https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-Web-Application-Firewall-Image2.png 650w, https://sucuri.net/wp-content/uploads/2023/02/22-Sucuri-Guide-Web-Application-Firewall-Image2-300x208.png 300w" sizes="(max-width: 640px) 100vw, 640px" /> <figcaption class="widget-image-caption wp-caption-text">How a web application firewall works to filter malicious traffic to your web server. </figcaption> </figure> </div> </div> <div class="elementor-element elementor-element-bf1ff80 elementor-widget elementor-widget-text-editor" data-id="bf1ff80" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>There are a number of professional services that take care of your website security needs for you. Not all services are the same – some charge more to fix complex hacks, and others provide different tiered feature sets. You should choose the one that best fits your needs. If your host provides security services, take some time to research exactly what features they include. They’re normally happy to advise you on ways you can complement their baseline feature sets with additional services.</p><p>The benefit to employing a cloud-based security service like Sucuri is that it provides complete end-to-end website security. This means protection, detection, and response services are included with an all-in-one platform and no hidden fees. Our high availability Globally Distributed Anycast Network (GDAN) ensures that websites can efficiently service their global audiences while mitigating DDoS attacks.</p> </div> </div> <section class="elementor-section elementor-inner-section elementor-element elementor-element-ee8aa33 elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="ee8aa33" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-03e77ff" data-id="03e77ff" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-5fc7b36 elementor-widget elementor-widget-menu-anchor" data-id="5fc7b36" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="implement-ssl-https"></div> </div> </div> <div class="elementor-element elementor-element-54482c1 elementor-widget elementor-widget-heading" data-id="54482c1" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">6</h2> </div> </div> <div class="elementor-element elementor-element-bcfc216 elementor-widget elementor-widget-heading" data-id="bcfc216" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Implement SSL & HTTPS</h2> </div> </div> </div> </div> </div> </section> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-57a2cea elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="57a2cea" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-017b07d" data-id="017b07d" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-414b142 elementor-widget elementor-widget-text-editor" data-id="414b142" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>SSL certificates has become imperative for WordPress in recent years, not only for securely transmitting information to and from your website, but also to increase visibility and rankings.</p><p>At a basic level, SSL allows a website to be accessed over HTTPS, which encrypts the data sent between visitors and web servers to keep it safe. Since 2014, SSL has been a ranking signal for SEO and Google has now started to <a href="https://blog.sucuri.net/2017/05/non-https-websites-blocklisted-for-passwords-without-ssl.html" target="_blank" rel="noopener">flag non-HTTPS websites</a> that transmit password and credit card data.</p><p>We’ve put together a free guide on <a href="https://sucuri.net/guides/how-to-install-ssl-certificate" target="_blank" rel="noopener">how to add SSL to your website</a> and a tutorial on <a href="https://blog.sucuri.net/2019/03/how-to-add-ssl-move-wordpress-from-http-to-https.html" target="_blank" rel="noopener">how to move your WordPress site to https</a>. If you need assistance, you can <a href="https://sucuri.net/live-chat/" target="_blank" rel="noopener">reach out to us</a> and learn how we can help you activate SSL/HTTPS via our cloud-based WAF.</p> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-595bdb5 elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="595bdb5" data-element_type="section" data-settings="{"background_background":"gradient"}"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-032419d" data-id="032419d" data-element_type="column" data-settings="{"background_background":"classic"}"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-851f83b elementor-widget elementor-widget-heading" data-id="851f83b" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Protection your WordPress website deserves.</h2> </div> </div> <div class="elementor-element elementor-element-290d0b5 elementor-widget elementor-widget-text-editor" data-id="290d0b5" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p style="text-align: center;">Sucuri offers DDoS Protection, WAF, SSL Support & Monitoring with its Platform Plans.</p> </div> </div> <div class="elementor-element elementor-element-19c3f96 elementor-align-center elementor-mobile-align-center elementor-widget elementor-widget-button" data-id="19c3f96" data-element_type="widget" data-gatrack="Button_Click, WPSecurity_Guide_Get_Protected" data-widget_type="button.default"> <div class="elementor-widget-container"> <div class="elementor-button-wrapper"> <a class="elementor-button elementor-button-link elementor-size-md" href="https://sucuri.net/website-security-platform/signup/"> <span class="elementor-button-content-wrapper"> <span class="elementor-button-text">Get Protected</span> </span> </a> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-dbbce82 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="dbbce82" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4432189" data-id="4432189" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-705c27d elementor-widget elementor-widget-menu-anchor" data-id="705c27d" data-element_type="widget" data-widget_type="menu-anchor.default"> <div class="elementor-widget-container"> <div class="elementor-menu-anchor" id="WPFAQ"></div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-6d9f949 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="6d9f949" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-44251bc" data-id="44251bc" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-9ebe241 elementor-widget elementor-widget-faq_content" data-id="9ebe241" data-element_type="widget" data-widget_type="faq_content.default"> <div class="elementor-widget-container"> <div class="sucuri-widget-faq-content"> <h2>WordPress Security FAQ</h2> <div class="faq-content-single"> <ul> <li> <label for="question1" style="color: transparent; position: absolute;">How do I increase WordPress security?</label> <input type="checkbox" name="question1" id="question1" aria-labelledby="question"> <i></i> <h4>How do I increase WordPress security?</h4> <p><p>WordPress website owners can increase their security by practicing strong password security and access control, and by leveraging 2FA. You should keep all software and third-party components up to date with the latest security patches to prevent vulnerabilities, and employ proactive WordPress security principles for an effective defense strategy.</p><p>We also encourage website owners to prevent attacks and protect their WordPress websites from hackers with a web application firewall (WAF) that automatically blocks website attacks and hacks.</p></p> </li> <li> <label for="question2" style="color: transparent; position: absolute;">What WordPress plugins should I use?</label> <input type="checkbox" name="question2" id="question2" aria-labelledby="question"> <i></i> <h4>What WordPress plugins should I use?</h4> <p><p>The <a href="https://sucuri.net/wordpress-security-plugin/">Sucuri Security WordPress plugin</a> offers a variety of helpful security features, including activity auditing, file integrity monitoring, remote malware scanning, and blocklist monitoring to identify and protect your website from threats.</p><p>Other useful plugins include backup, auditing, and utility plugins which address a variety of security functions.</p></p> </li> <li> <label for="question3" style="color: transparent; position: absolute;">How can I protect my WordPress site from malware?</label> <input type="checkbox" name="question3" id="question3" aria-labelledby="question"> <i></i> <h4>How can I protect my WordPress site from malware?</h4> <p><p>One of the easiest ways to protect your WordPress website from hackers is to employ the use of a WordPress firewall (WAF), which can block malicious traffic from ever reaching your server.</p></p> </li> <li> <label for="question4" style="color: transparent; position: absolute;">How do I remove malware from my WordPress site?</label> <input type="checkbox" name="question4" id="question4" aria-labelledby="question"> <i></i> <h4>How do I remove malware from my WordPress site?</h4> <p><p>We’ve put together a helpful guide on <a href="https://sucuri.net/guides/how-to-clean-hacked-wordpress/">how to clean a WordPress hack</a> to help website owners walk through the process of identifying and cleaning up malware from a compromised website. This guide also includes post-hack instructions to help you protect your site from future infections.</p><p>If you need assistance, our security analysts are here to help. We remove malware from thousands of WordPress websites every week.</p></p> </li> <li> <label for="question5" style="color: transparent; position: absolute;">How do I secure my WordPress site with HTTPS?</label> <input type="checkbox" name="question5" id="question5" aria-labelledby="question"> <i></i> <h4>How do I secure my WordPress site with HTTPS?</h4> <p><p>SSL certificates do not protect your website, but they help defend data in transit between the host (web server or firewall) and the client (web browser). SSL works as a barrier to prevent data visibility or modification by intruders.</p><p>To install an SSL certificate on a WordPress website, you’ll need to either purchase one from a certificate authority, such as GoDaddy, or use a free certificate from Let’s Encrypt.</p><p>We’ve written an extensive guide that instructs you on <a href="https://sucuri.net/guides/how-to-install-ssl-certificate/">how to add a Let’s Encrypt SSL certificate</a> to your WordPress website and encrypt its data with HTTPS.</p><p>Sucuri offers free SSL on the firewall to ensure that visitors reach your website via HTTPS by default.</p></p> </li> </ul> </div> </div> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-9e029df elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="9e029df" data-element_type="section" data-settings="{"background_background":"gradient"}"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-c5240c0" data-id="c5240c0" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <section class="elementor-section elementor-inner-section elementor-element elementor-element-60e9b07 elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="60e9b07" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-5012a75" data-id="5012a75" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-84bafbb elementor-widget elementor-widget-heading" data-id="84bafbb" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Ready to protect WordPress?</h2> </div> </div> </div> </div> <div class="elementor-column elementor-col-25 elementor-inner-column elementor-element elementor-element-6e04a17" data-id="6e04a17" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-b0e37eb elementor-align-right elementor-mobile-align-center elementor-widget elementor-widget-button" data-id="b0e37eb" data-element_type="widget" data-gatrack="Button_Click, WPSecurity_Guide_Get_Started_Now" data-widget_type="button.default"> <div class="elementor-widget-container"> <div class="elementor-button-wrapper"> <a class="elementor-button elementor-button-link elementor-size-sm" href="https://sucuri.net/website-security-platform/signup/"> <span class="elementor-button-content-wrapper"> <span class="elementor-button-text">Get Started Now</span> </span> </a> </div> </div> </div> </div> </div> <div class="elementor-column elementor-col-25 elementor-inner-column elementor-element elementor-element-d769fe1" data-id="d769fe1" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-13ca46e elementor-align-left elementor-mobile-align-center elementor-widget elementor-widget-button" data-id="13ca46e" data-element_type="widget" data-gatrack="Button_Click, WPSecurity_Guide_Get_Started_Learn_More" data-widget_type="button.default"> <div class="elementor-widget-container"> <div class="elementor-button-wrapper"> <a class="elementor-button elementor-button-link elementor-size-sm" href="https://sucuri.net/malware-detection-scanning/"> <span class="elementor-button-content-wrapper"> <span class="elementor-button-text">Learn More</span> </span> </a> </div> </div> </div> </div> </div> </div> </section> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-bfd72e3 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="bfd72e3" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-0ad0e40" data-id="0ad0e40" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-b6a1940 elementor-widget elementor-widget-heading" data-id="b6a1940" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Sucuri Resource Library</h2> </div> </div> <div class="elementor-element elementor-element-2a2f112 elementor-widget elementor-widget-text-editor" data-id="2a2f112" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>Say on top emerging website security threats with our helpful guides, email, courses, and blog content.</p> </div> </div> <section class="elementor-section elementor-inner-section elementor-element elementor-element-3a89cb4 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="3a89cb4" data-element_type="section"> <div class="elementor-container elementor-column-gap-extended"> <div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-9ef1db1" data-id="9ef1db1" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-d267a2e elementor-widget elementor-widget-image" data-id="d267a2e" data-element_type="widget" data-widget_type="image.default"> <div class="elementor-widget-container"> <a href="https://sucuri.net/webinars/how-to-clean-hacked-wordpress-site/" title="Webinar"> <img loading="lazy" decoding="async" width="545" height="324" src="https://sucuri.net/wp-content/uploads/2023/01/22-sucuri-resource-webinar-1.png" class="attachment-medium_large size-medium_large wp-image-8969" alt="" srcset="https://sucuri.net/wp-content/uploads/2023/01/22-sucuri-resource-webinar-1.png 545w, https://sucuri.net/wp-content/uploads/2023/01/22-sucuri-resource-webinar-1-300x178.png 300w" sizes="(max-width: 545px) 100vw, 545px" /> </a> </div> </div> <div class="elementor-element elementor-element-8253219 elementor-view-default elementor-widget elementor-widget-icon" data-id="8253219" data-element_type="widget" data-widget_type="icon.default"> <div class="elementor-widget-container"> <div class="elementor-icon-wrapper"> <a class="elementor-icon" href="https://sucuri.net/webinars/how-to-clean-hacked-wordpress-site/" title="Webinar"> <svg aria-hidden="true" class="e-font-icon-svg e-fas-arrow-right" viewBox="0 0 448 512" xmlns="http://www.w3.org/2000/svg"><path d="M190.5 66.9l22.2-22.2c9.4-9.4 24.6-9.4 33.9 0L441 239c9.4 9.4 9.4 24.6 0 33.9L246.6 467.3c-9.4 9.4-24.6 9.4-33.9 0l-22.2-22.2c-9.5-9.5-9.3-25 .4-34.3L311.4 296H24c-13.3 0-24-10.7-24-24v-32c0-13.3 10.7-24 24-24h287.4L190.9 101.2c-9.8-9.3-10-24.8-.4-34.3z"></path></svg> </a> </div> </div> </div> <div class="elementor-element elementor-element-d80bc31 elementor-widget elementor-widget-heading" data-id="d80bc31" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h4 class="elementor-heading-title elementor-size-default">Webinar</h4> </div> </div> <div class="elementor-element elementor-element-7666845 elementor-widget elementor-widget-text-editor" data-id="7666845" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>Learn how to identify issues if you suspect your WordPress site has been hacked.</p> </div> </div> </div> </div> <div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-726a7bb" data-id="726a7bb" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-1a7b2c3 elementor-widget elementor-widget-image" data-id="1a7b2c3" data-element_type="widget" data-widget_type="image.default"> <div class="elementor-widget-container"> <a href="https://info.sucuri.net/wordpress-security-course" title="Email Course"> <img loading="lazy" decoding="async" width="545" height="324" src="https://sucuri.net/wp-content/uploads/2023/01/22-sucuri-resource-email-courses-1.png" class="attachment-medium_large size-medium_large wp-image-8967" alt="" srcset="https://sucuri.net/wp-content/uploads/2023/01/22-sucuri-resource-email-courses-1.png 545w, https://sucuri.net/wp-content/uploads/2023/01/22-sucuri-resource-email-courses-1-300x178.png 300w" sizes="(max-width: 545px) 100vw, 545px" /> </a> </div> </div> <div class="elementor-element elementor-element-39c59ea elementor-view-default elementor-widget elementor-widget-icon" data-id="39c59ea" data-element_type="widget" data-widget_type="icon.default"> <div class="elementor-widget-container"> <div class="elementor-icon-wrapper"> <a class="elementor-icon" href="https://info.sucuri.net/wordpress-security-course" title="Email Course"> <svg aria-hidden="true" class="e-font-icon-svg e-fas-arrow-right" viewBox="0 0 448 512" xmlns="http://www.w3.org/2000/svg"><path d="M190.5 66.9l22.2-22.2c9.4-9.4 24.6-9.4 33.9 0L441 239c9.4 9.4 9.4 24.6 0 33.9L246.6 467.3c-9.4 9.4-24.6 9.4-33.9 0l-22.2-22.2c-9.5-9.5-9.3-25 .4-34.3L311.4 296H24c-13.3 0-24-10.7-24-24v-32c0-13.3 10.7-24 24-24h287.4L190.9 101.2c-9.8-9.3-10-24.8-.4-34.3z"></path></svg> </a> </div> </div> </div> <div class="elementor-element elementor-element-d5eb6fe elementor-widget elementor-widget-heading" data-id="d5eb6fe" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h4 class="elementor-heading-title elementor-size-default">Email Course</h4> </div> </div> <div class="elementor-element elementor-element-c6cd005 elementor-widget elementor-widget-text-editor" data-id="c6cd005" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>Join our email series as we offer actionable steps and basic security techniques for WordPress site owners.</p> </div> </div> </div> </div> <div class="elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-ab0f8b7" data-id="ab0f8b7" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-c55add5 elementor-widget elementor-widget-image" data-id="c55add5" data-element_type="widget" data-widget_type="image.default"> <div class="elementor-widget-container"> <a href="https://sucuri.net/reports/2017-hacked-website-report/" title="Report"> <img loading="lazy" decoding="async" width="545" height="324" src="https://sucuri.net/wp-content/uploads/2023/01/22-sucuri-resource-report-1.png" class="attachment-medium_large size-medium_large wp-image-8968" alt="" srcset="https://sucuri.net/wp-content/uploads/2023/01/22-sucuri-resource-report-1.png 545w, https://sucuri.net/wp-content/uploads/2023/01/22-sucuri-resource-report-1-300x178.png 300w" sizes="(max-width: 545px) 100vw, 545px" /> </a> </div> </div> <div class="elementor-element elementor-element-9ce1f9e elementor-view-default elementor-widget elementor-widget-icon" data-id="9ce1f9e" data-element_type="widget" data-widget_type="icon.default"> <div class="elementor-widget-container"> <div class="elementor-icon-wrapper"> <a class="elementor-icon" href="https://sucuri.net/reports/2017-hacked-website-report/" title="Report"> <svg aria-hidden="true" class="e-font-icon-svg e-fas-arrow-right" viewBox="0 0 448 512" xmlns="http://www.w3.org/2000/svg"><path d="M190.5 66.9l22.2-22.2c9.4-9.4 24.6-9.4 33.9 0L441 239c9.4 9.4 9.4 24.6 0 33.9L246.6 467.3c-9.4 9.4-24.6 9.4-33.9 0l-22.2-22.2c-9.5-9.5-9.3-25 .4-34.3L311.4 296H24c-13.3 0-24-10.7-24-24v-32c0-13.3 10.7-24 24-24h287.4L190.9 101.2c-9.8-9.3-10-24.8-.4-34.3z"></path></svg> </a> </div> </div> </div> <div class="elementor-element elementor-element-0c40dca elementor-widget elementor-widget-heading" data-id="0c40dca" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h4 class="elementor-heading-title elementor-size-default">Report</h4> </div> </div> <div class="elementor-element elementor-element-6ef93df elementor-widget elementor-widget-text-editor" data-id="6ef93df" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>Based on our data, the three most commonly infected CMS platforms were WordPress, Joomla! and Magento.</p> </div> </div> </div> </div> </div> </section> </div> </div> </div> </section> </div> <div data-elementor-type="footer" data-elementor-id="10539" class="elementor elementor-10539 elementor-location-footer" data-elementor-post-type="elementor_library"> <section class="elementor-section elementor-top-section elementor-element elementor-element-861d687 elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="861d687" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-fc1f30f" data-id="fc1f30f" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-a32286d elementor-widget elementor-widget-footer_section" data-id="a32286d" data-element_type="widget" data-widget_type="footer_section.default"> <div class="elementor-widget-container"> <div class="sucuri-footer-revamp parent"> <div class="footer-menu-logo-container"> <div class="footer-menu-logo-internal"> <div class="image-container"> <img src="https://sucuri.net/wp-content/uploads/2022/12/sucuri_logo_dark.svg" alt="Sucuri Logo"> </div> <div class="social-media-container"> <p>Let’s Connect</p> <div class="social-media-wrapper"> <a aria-label="Visit our Twitter profile" href="https://twitter.com/sucurisecurity/"> <svg xmlns="http://www.w3.org/2000/svg" width="23" height="21" viewBox="0 0 23 21" fill="none"><path d="M18.1138 0.210449H21.6407L13.9356 8.92748L23 20.7894H15.9016L10.3427 13.5952L3.98206 20.7894H0.453113L8.69443 11.4656L0 0.210449H7.27646L12.3012 6.78621L18.1117 0.210449H18.1138ZM16.876 18.6998H18.8303L6.21564 2.19025H4.11853L16.876 18.6998Z" fill="#00FFCE"></path></svg> </a> <a aria-label="Visit our Facebook profile" href="https://www.facebook.com/SucuriSecurity"> <svg xmlns="http://www.w3.org/2000/svg" width="23" height="23" viewBox="0 0 23 23" fill="none"><path d="M21.7287 0H1.27126C0.567177 0 0 0.567177 0 1.27126V21.7287C0 22.4328 0.567177 23 1.27126 23H12.2823V14.1012H9.28996V10.6395H12.2823V8.07738C12.2823 5.10459 14.1012 3.48129 16.7415 3.48129C18.0128 3.48129 19.108 3.57908 19.4209 3.6182V6.72789H17.5825C16.1352 6.72789 15.8614 7.41241 15.8614 8.40986V10.6199H19.3036L18.8537 14.0816H15.8614V22.9804H21.7287C22.4328 22.9804 23 22.4133 23 21.7092V1.27126C23 0.567177 22.4328 0 21.7287 0Z" fill="#00FFCE"></path></svg> </a> <a aria-label="Visit our Instagram profile" href="https://www.instagram.com/sucurisecurity/"> <svg xmlns="http://www.w3.org/2000/svg" width="23" height="23" viewBox="0 0 23 23" fill="none"><path d="M22.9218 6.76701C22.8631 5.55442 22.6675 4.71344 22.3937 3.97024C22.1003 3.20748 21.7092 2.58163 21.0638 1.93622C20.4184 1.29082 19.7925 0.89966 19.0298 0.606292C18.3061 0.312925 17.4651 0.136905 16.233 0.0782313C15.0008 0.0195578 14.6097 0 11.5 0C8.3903 0 7.97959 0 6.767 0.0782313C5.53486 0.136905 4.71343 0.332483 3.97024 0.606292C3.20748 0.89966 2.58163 1.29082 1.93622 1.93622C1.29081 2.58163 0.899655 3.20748 0.606288 3.97024C0.31292 4.69388 0.117341 5.53486 0.0782256 6.76701C0.0195522 7.99915 0 8.39031 0 11.5C0 14.6097 -5.6684e-06 15.0204 0.0782256 16.233C0.136899 17.4456 0.332478 18.2866 0.606288 19.0298C0.899655 19.7925 1.29081 20.4184 1.93622 21.0638C2.58163 21.7092 3.20748 22.1003 3.97024 22.3937C4.69388 22.6675 5.53486 22.8631 6.767 22.9218C7.99915 22.9804 8.3903 23 11.5 23C14.6097 23 15.0008 23 16.233 22.9218C17.4456 22.8631 18.2866 22.6675 19.0298 22.3937C19.7925 22.1003 20.4184 21.7092 21.0638 21.0638C21.7092 20.4184 22.1003 19.7925 22.3937 19.0298C22.6871 18.3061 22.8631 17.4651 22.9218 16.233C22.9804 15.0009 23 14.6097 23 11.5C23 8.39031 23 7.99915 22.9218 6.76701ZM20.8486 16.1548C20.79 17.2696 20.6139 17.8759 20.4575 18.2866C20.2423 18.8146 20.0077 19.2058 19.5969 19.6165C19.1862 20.0272 18.8146 20.2619 18.267 20.477C17.8563 20.6335 17.25 20.8291 16.1352 20.8682C14.9226 20.9269 14.551 20.9269 11.5 20.9269C8.44897 20.9269 8.05782 20.9269 6.86479 20.8682C5.75 20.8095 5.1437 20.6335 4.73299 20.477C4.20493 20.2619 3.81377 20.0272 3.40306 19.6165C2.99234 19.2058 2.75765 18.8342 2.54252 18.2866C2.38605 17.8759 2.19047 17.2696 2.15136 16.1548C2.09268 14.9422 2.09269 14.5901 2.09269 11.5196C2.09269 8.44898 2.09268 8.09694 2.15136 6.88435C2.21003 5.76956 2.38605 5.16327 2.54252 4.75255C2.75765 4.22449 2.99234 3.83333 3.40306 3.44218C3.81377 3.03146 4.18537 2.79677 4.73299 2.58163C5.1437 2.42517 5.75 2.22959 6.86479 2.19048C8.07738 2.1318 8.44897 2.1318 11.5 2.1318C14.551 2.1318 14.9226 2.1318 16.1352 2.19048C17.25 2.24915 17.8563 2.42517 18.267 2.58163C18.7951 2.79677 19.1862 3.03146 19.5969 3.44218C20.0077 3.85289 20.2423 4.22449 20.4575 4.75255C20.6139 5.16327 20.8095 5.76956 20.8486 6.88435C20.9073 8.09694 20.9073 8.46854 20.9073 11.5196C20.9073 14.5706 20.9073 14.9422 20.8486 16.1548Z" fill="#00FFCE"></path><path d="M11.5002 5.59375C8.23405 5.59375 5.59375 8.23406 5.59375 11.5002C5.59375 14.7664 8.23405 17.4067 11.5002 17.4067C14.7664 17.4067 17.4067 14.7664 17.4067 11.5002C17.4067 8.23406 14.7664 5.59375 11.5002 5.59375ZM11.5002 15.314C9.38796 15.314 7.66687 13.5929 7.66687 11.4807C7.66687 9.36841 9.38796 7.64732 11.5002 7.64732C13.6125 7.64732 15.3335 9.36841 15.3335 11.4807C15.3335 13.5929 13.6125 15.314 11.5002 15.314Z" fill="#00FFCE"></path><path d="M17.6406 3.98975C16.8778 3.98975 16.252 4.6156 16.252 5.37835C16.252 6.14111 16.8778 6.7474 17.6406 6.7474C18.4033 6.7474 19.0096 6.12155 19.0096 5.37835C19.0096 4.63515 18.3838 3.98975 17.6406 3.98975Z" fill="#00FFCE"></path></svg> </a> <a aria-label="Visit our LinkedIn profile" href="https://www.linkedin.com/company/sucuri-security"> <svg xmlns="http://www.w3.org/2000/svg" width="23" height="23" viewBox="0 0 23 23" fill="none"><path d="M0.445161 23H4.89677V7.04375H0.445161V23ZM2.67097 0C1.1871 0 0 1.15 0 2.5875C0 4.025 1.1871 5.175 2.67097 5.175C4.15484 5.175 5.34194 4.025 5.34194 2.5875C5.34194 1.15 4.15484 0 2.67097 0ZM12.4645 9.4875V7.04375H8.0129V23H12.4645V14.8063C12.4645 10.2063 18.5484 9.91875 18.5484 14.8063V23H23V13.225C23 5.4625 14.5419 5.75 12.4645 9.4875Z" fill="#00FFCE"></path></svg> </a> <a aria-label="Visit our YouTube profile" href="https://www.youtube.com/SucuriSecurity"> <svg xmlns="http://www.w3.org/2000/svg" width="30" height="21" viewBox="0 0 30 21" fill="none"><path d="M28.5264 3.64516C28.2012 2.42561 27.2041 1.45838 25.9469 1.12195C23.6708 0.533203 14.5667 0.533203 14.5667 0.533203C14.5667 0.533203 5.4625 0.533203 3.18646 1.12195C1.92922 1.43735 0.953767 2.40458 0.606942 3.64516C-2.64865e-06 5.85296 0 10.4999 0 10.4999C0 10.4999 -2.64865e-06 15.1257 0.606942 17.3546C0.932091 18.5741 1.92922 19.5414 3.18646 19.8778C5.4625 20.4665 14.5667 20.4665 14.5667 20.4665C14.5667 20.4665 23.6708 20.4665 25.9469 19.8778C27.2041 19.5414 28.1796 18.5952 28.5264 17.3546C29.1333 15.1257 29.1333 10.4999 29.1333 10.4999C29.1333 10.4999 29.1333 5.87399 28.5264 3.64516ZM11.597 14.6842V6.2735L19.2054 10.4788L11.597 14.6842Z" fill="#00FFCE"></path></svg> </a> <a aria-label="Visit our Threads profile" href="https://www.threads.net/@sucurisecurity"> <svg xmlns="http://www.w3.org/2000/svg" width="21" height="23" viewBox="0 0 21 23" fill="none"><path d="M10.6248 23H10.618C7.11116 22.977 4.4152 21.8452 2.60353 19.6372C0.99262 17.6717 0.160232 14.9366 0.132812 11.5096V11.4933C0.162191 8.06342 0.993599 5.33121 2.60549 3.36471C4.4152 1.15479 7.11312 0.023 10.6189 0H10.6326C13.3217 0.0191667 15.5712 0.694792 17.3172 2.01058C18.9595 3.24683 20.116 5.01017 20.7535 7.24979L18.7558 7.79508C17.6746 4.00008 14.9385 2.06042 10.6238 2.03071C7.77413 2.05179 5.61972 2.92771 4.21935 4.6345C2.90907 6.233 2.23239 8.54258 2.20595 11.5C2.23239 14.4574 2.90907 16.767 4.22033 18.3655C5.6207 20.0742 7.77609 20.9511 10.6248 20.9693C13.1935 20.9501 14.8925 20.3646 16.3046 19.0095C17.9175 17.4637 17.8891 15.5662 17.372 14.4114C17.0685 13.731 16.5171 13.1656 15.7719 12.7343C15.5839 14.03 15.1628 15.0784 14.5145 15.87C13.6469 16.9261 12.4189 17.503 10.8618 17.5854C9.68471 17.6477 8.54972 17.3765 7.67033 16.8178C6.62935 16.1575 6.02024 15.1503 5.95463 13.9773C5.89098 12.8369 6.35418 11.7875 7.25707 11.0237C8.11884 10.2954 9.33216 9.867 10.7658 9.7865C11.7538 9.72614 12.7455 9.77177 13.7233 9.92258C13.5999 9.2115 13.356 8.64608 12.9888 8.23879C12.4864 7.67721 11.7079 7.39258 10.6787 7.38587H10.6503C9.82376 7.38587 8.69955 7.60821 7.98566 8.65088L6.26506 7.52004C7.22476 6.12663 8.77985 5.35804 10.6503 5.35804H10.6934C13.8212 5.37721 15.6848 7.25075 15.8708 10.5215C15.9766 10.5656 16.0823 10.6116 16.1852 10.6576C17.6443 11.3285 18.7117 12.3453 19.2738 13.5997C20.0543 15.3439 20.1268 18.1901 17.7579 20.4595C15.9462 22.194 13.7487 22.978 10.6317 22.999L10.6248 23ZM11.607 11.7971C11.37 11.7971 11.1301 11.8038 10.8833 11.8172C9.08539 11.9159 7.96509 12.7238 8.02776 13.8709C8.09338 15.0746 9.44968 15.6333 10.7541 15.5643C11.9527 15.502 13.5137 15.0439 13.7761 12.0089C13.0628 11.8633 12.3357 11.7923 11.607 11.7971Z" fill="#00FFCE"></path></svg> </a> </div> </div> </div> </div> <div class="sucuri-footer-revamp child"> <div class="footer-menu-revamp-container"> <div class="outer-item"> <a class="link-parent" href="https://sucuri.net/website-security/"> Products </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://sucuri.net/website-firewall/"> Website Firewall </a> <a class="link-child" href="https://sucuri.net/website-security-platform/"> Website Security Platform </a> <a class="link-child" href="https://sucuri.net/wordpress-security/"> WordPress Security </a> <a class="link-child" href="https://sucuri.net/website-backups/"> Website Backups </a> <a class="link-child" href="https://sucuri.net/website-security-platform/help-now/"> Hack Assistance </a> <a class="link-child" href="https://sucuri.net/website-security-platform/signup"> Pricing </a> </div> </div> <div class="outer-item"> <a class="link-parent" href="https://sucuri.net/ddos-protection/"> Solutions </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://sucuri.net/ddos-protection/"> DDoS Protection </a> <a class="link-child" href="https://sucuri.net/malware-detection-scanning/"> Malware Detection </a> <a class="link-child" href="https://sucuri.net/website-malware-removal/"> Malware Removal </a> <a class="link-child" href="https://sucuri.net/intrusion-detection-system/"> Malware Prevention </a> <a class="link-child" href="https://sucuri.net/website-security-platform/blocklist-removal-and-repair/"> Blacklist Removal </a> <a class="link-child" href="https://sucuri.net/seo-spam-removal/"> SEO Spam Removal </a> <a class="link-child" href="https://sucuri.net/wordpress-security-plugin/"> Wordpress Security Plugin </a> </div> </div> <div class="outer-item"> <a class="link-parent" href="#"> USE CASES </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://sucuri.net/developers/"> Developers </a> <a class="link-child" href="https://sucuri.net/ecommerce-website-security/"> Ecommerce </a> <a class="link-child" href="https://sucuri.net/custom/agency/"> Agency Plans </a> <a class="link-child" href="https://sucuri.net/custom/agency/"> Enterprise Services </a> <a class="link-child" href="https://sucuri.net/http-2-rapid-reset/"> HTTPS/2 </a> <a class="link-child" href="https://sucuri.net/virtual-patching/"> Virtual Patching </a> </div> </div> <div class="outer-item"> <a class="link-parent" href="https://docs.sucuri.net/"> Support </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://docs.sucuri.net/"> Knowledge Base </a> <a class="link-child" href="https://sitecheck.sucuri.net/"> SiteCheck </a> <a class="link-child" href="https://sucuri.net/guides/"> Guides </a> <a class="link-child" href="https://labs.sucuri.net/"> Research Labs </a> <a class="link-child" href="https://abuse.sucuri.net/"> Report Abuse </a> <a class="link-child" href="https://status.sucuri.net/"> Status Report </a> </div> </div> <div class="outer-item"> <a class="link-parent" href="https://sucuri.net/company/"> Company </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://sucuri.net/company/"> About Sucuri </a> <a class="link-child" href="https://sucuri.net/company/contact-us/"> Contact </a> <a class="link-child" href="https://blog.sucuri.net/"> Blog </a> <a class="link-child" href="https://sucuri.net/referral/"> Referral </a> <a class="link-child" href="https://sucuri.net/partners/"> Partners </a> <a class="link-child" href="https://sucuri.net/customers/"> Testimonials </a> </div> </div> <div class="outer-item"> <a class="link-parent" href="#"> Definitions </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://sucuri.net/definitions/"> Firewall </a> <a class="link-child" href="https://sucuri.net/definitions/"> Bots </a> <a class="link-child" href="https://sucuri.net/definitions/"> Security </a> </div> </div> </div> </div> <div class="policy-container"> <div class="flex-menu"> <a href="https://sucuri.net/terms/">Terms of Use</a> <a href="https://sucuri.net/privacy/">Privacy Policy</a> <a href="https://sucuri.net/cookies/">Do Not Sell My Personal Information</a> <a href="https://sucuri.net/faq/">Frequently Asked Questions</a> </div> </div> <p class="copyright">© 2024 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.</p> <div class="back-to-top-mobile"> <a title="Going Top" href="#top"> <svg xmlns="http://www.w3.org/2000/svg" width="42" height="42" viewBox="0 0 42 42" fill="none"> <circle cx="21" cy="21" r="20.5" fill="#02141B" stroke="white"/> <path d="M21 17.3202L29.0133 24.7468C29.0779 24.8079 29.1546 24.8562 29.2389 24.889C29.3232 24.9217 29.4135 24.9382 29.5046 24.9375C29.5956 24.9368 29.6856 24.9188 29.7694 24.8848C29.8531 24.8507 29.9289 24.8012 29.9924 24.739C30.0559 24.6769 30.1058 24.6033 30.1393 24.5227C30.1728 24.442 30.1891 24.3558 30.1874 24.2691C30.1856 24.1824 30.1659 24.0969 30.1292 24.0175C30.0925 23.9381 30.0397 23.8664 29.9738 23.8066L21.4802 15.9358C21.3517 15.8167 21.1794 15.75 21 15.75C20.8206 15.75 20.6483 15.8167 20.5198 15.9358L12.0262 23.8066C11.9603 23.8664 11.9075 23.9381 11.8708 24.0175C11.8341 24.0969 11.8144 24.1824 11.8126 24.2691C11.8109 24.3558 11.8272 24.442 11.8607 24.5227C11.8942 24.6033 11.9441 24.6768 12.0076 24.739C12.0711 24.8012 12.1469 24.8507 12.2306 24.8848C12.3144 24.9188 12.4044 24.9368 12.4954 24.9375C12.5865 24.9382 12.6768 24.9217 12.7611 24.889C12.8454 24.8562 12.9221 24.8079 12.9867 24.7468L21 17.3202Z" fill="#13EAC0"/> </svg> </a> </div> <div class="back-to-top"> <div class="circle"> <a class="circle-flex" title="Going Top" href="#top"> <svg xmlns="http://www.w3.org/2000/svg" width="42" height="42" viewBox="0 0 42 42" fill="none"> <circle cx="21" cy="21" r="20.5" fill="#02141B" stroke="white"/> <path d="M21 17.3202L29.0133 24.7468C29.0779 24.8079 29.1546 24.8562 29.2389 24.889C29.3232 24.9217 29.4135 24.9382 29.5046 24.9375C29.5956 24.9368 29.6856 24.9188 29.7694 24.8848C29.8531 24.8507 29.9289 24.8012 29.9924 24.739C30.0559 24.6769 30.1058 24.6033 30.1393 24.5227C30.1728 24.442 30.1891 24.3558 30.1874 24.2691C30.1856 24.1824 30.1659 24.0969 30.1292 24.0175C30.0925 23.9381 30.0397 23.8664 29.9738 23.8066L21.4802 15.9358C21.3517 15.8167 21.1794 15.75 21 15.75C20.8206 15.75 20.6483 15.8167 20.5198 15.9358L12.0262 23.8066C11.9603 23.8664 11.9075 23.9381 11.8708 24.0175C11.8341 24.0969 11.8144 24.1824 11.8126 24.2691C11.8109 24.3558 11.8272 24.442 11.8607 24.5227C11.8942 24.6033 11.9441 24.6768 12.0076 24.739C12.0711 24.8012 12.1469 24.8507 12.2306 24.8848C12.3144 24.9188 12.4044 24.9368 12.4954 24.9375C12.5865 24.9382 12.6768 24.9217 12.7611 24.889C12.8454 24.8562 12.9221 24.8079 12.9867 24.7468L21 17.3202Z" fill="#13EAC0"/> </svg> <span> <p style="margin-top:0px !important; margin-bottom:0px !important;">back to top <svg xmlns="http://www.w3.org/2000/svg" width="20" height="10" viewBox="0 0 20 10" fill="none"> <path d="M10 1.57018L18.0133 8.99675C18.0779 9.0579 18.1546 9.10624 18.2389 9.13898C18.3232 9.17171 18.4135 9.1882 18.5046 9.18748C18.5956 9.18676 18.6856 9.16885 18.7694 9.13478C18.8531 9.10071 18.9289 9.05117 18.9924 8.98901C19.0559 8.92685 19.1058 8.85332 19.1393 8.77266C19.1728 8.692 19.1891 8.60582 19.1874 8.51911C19.1856 8.4324 19.1659 8.34688 19.1292 8.26749C19.0925 8.18811 19.0397 8.11644 18.9738 8.05663L10.4802 0.185786C10.3517 0.066655 10.1794 -3.93758e-07 10 -4.01598e-07C9.82063 -4.09439e-07 9.64833 0.0666549 9.51977 0.185786L1.02623 8.05663C0.960287 8.11644 0.907457 8.18811 0.870792 8.26749C0.834127 8.34688 0.814355 8.4324 0.812622 8.51911C0.810888 8.60582 0.827226 8.692 0.860693 8.77266C0.894159 8.85332 0.944088 8.92685 1.00759 8.98901C1.07109 9.05117 1.14691 9.10071 1.23065 9.13478C1.31438 9.16885 1.40439 9.18676 1.49544 9.18748C1.5865 9.1882 1.6768 9.17171 1.76112 9.13898C1.84544 9.10624 1.92211 9.0579 1.98669 8.99675L10 1.57018Z" fill="#13EAC0"/> </svg> </p> </span> </a> </div> </div> </div> </div> </div> </div> </div> </div> </section> </div> <script src="https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit" async defer></script> <script type='text/javascript'> // Define a function to be called when reCAPTCHA script is loaded function onRecaptchaLoad() { // Your code that uses grecaptcha var recaptchaElement = document.getElementsByClassName('g-recaptcha')[0]; if (recaptchaElement) { grecaptcha.render(recaptchaElement, { sitekey: '6LetGjkUAAAAAJZdUKrKJtingLJw5x0mY-O2VGf_', }); } else { console.error('reCAPTCHA element not found'); } } </script> <script type='text/javascript'> const lazyloadRunObserver = () => { const lazyloadBackgrounds = document.querySelectorAll( `.e-con.e-parent:not(.e-lazyloaded)` ); const lazyloadBackgroundObserver = new IntersectionObserver( ( entries ) => { entries.forEach( ( entry ) => { if ( entry.isIntersecting ) { let lazyloadBackground = entry.target; if( lazyloadBackground ) { lazyloadBackground.classList.add( 'e-lazyloaded' ); } lazyloadBackgroundObserver.unobserve( entry.target ); } }); }, { rootMargin: '200px 0px 200px 0px' } ); lazyloadBackgrounds.forEach( ( lazyloadBackground ) => { lazyloadBackgroundObserver.observe( lazyloadBackground ); } ); }; const events = [ 'DOMContentLoaded', 'elementor/lazyload/observe', ]; events.forEach( ( event ) => { document.addEventListener( event, lazyloadRunObserver ); } ); </script> <link rel='stylesheet' id='e-sticky-css' href='https://sucuri.net/wp-content/plugins/elementor-pro/assets/css/modules/sticky.min.css?ver=3.25.2' type='text/css' media='all' /> <script type="text/javascript" defer="defer" src="https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js" id="slick-js-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/themes/sucuriwp/js/navigation.js?ver=1628779856" id="sucuriwp-navigation-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/themes/sucuriwp/js/skip-link-focus-fix.js?ver=1628779856" id="sucuriwp-skip-link-focus-fix-js"></script> <script type="text/javascript" defer="defer" src="https://sucuri.net/wp-content/themes/sucuriwp/js/script.min.js" id="sucuriwp-js-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.25.2" id="e-sticky-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.2.1" id="smartmenus-js"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/components/prism-core.min.js?ver=1.23.0" id="prismjs_core-js"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/autoloader/prism-autoloader.min.js?ver=1.23.0" id="prismjs_loader-js"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/normalize-whitespace/prism-normalize-whitespace.min.js?ver=1.23.0" id="prismjs_normalize-js"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/line-numbers/prism-line-numbers.min.js?ver=1.23.0" id="prismjs_line_numbers-js"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/toolbar/prism-toolbar.min.js?ver=1.23.0" id="prismjs_toolbar-js"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/copy-to-clipboard/prism-copy-to-clipboard.min.js?ver=1.23.0" id="prismjs_copy_to_clipboard-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.25.2" id="elementor-pro-webpack-runtime-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.25.4" id="elementor-webpack-runtime-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.25.4" id="elementor-frontend-modules-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18" id="wp-hooks-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6" id="wp-i18n-js"></script> <script type="text/javascript" id="wp-i18n-js-after"> /* <![CDATA[ */ wp.i18n.setLocaleData( { 'text direction\u0004ltr': [ 'ltr' ] } ); /* ]]> */ </script> <script type="text/javascript" id="elementor-pro-frontend-js-before"> /* <![CDATA[ */ var ElementorProFrontendConfig = {"ajaxurl":"https:\/\/sucuri.net\/wp-admin\/admin-ajax.php","nonce":"fd6938db46","urls":{"assets":"https:\/\/sucuri.net\/wp-content\/plugins\/elementor-pro\/assets\/","rest":"https:\/\/sucuri.net\/wp-json\/"},"settings":{"lazy_load_background_images":true},"popup":{"hasPopUps":false},"shareButtonsNetworks":{"facebook":{"title":"Facebook","has_counter":true},"twitter":{"title":"Twitter"},"linkedin":{"title":"LinkedIn","has_counter":true},"pinterest":{"title":"Pinterest","has_counter":true},"reddit":{"title":"Reddit","has_counter":true},"vk":{"title":"VK","has_counter":true},"odnoklassniki":{"title":"OK","has_counter":true},"tumblr":{"title":"Tumblr"},"digg":{"title":"Digg"},"skype":{"title":"Skype"},"stumbleupon":{"title":"StumbleUpon","has_counter":true},"mix":{"title":"Mix"},"telegram":{"title":"Telegram"},"pocket":{"title":"Pocket","has_counter":true},"xing":{"title":"XING","has_counter":true},"whatsapp":{"title":"WhatsApp"},"email":{"title":"Email"},"print":{"title":"Print"},"x-twitter":{"title":"X"},"threads":{"title":"Threads"}},"facebook_sdk":{"lang":"en_US","app_id":""},"lottie":{"defaultAnimationUrl":"https:\/\/sucuri.net\/wp-content\/plugins\/elementor-pro\/modules\/lottie\/assets\/animations\/default.json"}}; /* ]]> */ </script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.25.2" id="elementor-pro-frontend-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3" id="jquery-ui-core-js"></script> <script type="text/javascript" id="elementor-frontend-js-before"> /* <![CDATA[ */ var elementorFrontendConfig = {"environmentMode":{"edit":false,"wpPreview":false,"isScriptDebug":false},"i18n":{"shareOnFacebook":"Share on Facebook","shareOnTwitter":"Share on Twitter","pinIt":"Pin it","download":"Download","downloadImage":"Download image","fullscreen":"Fullscreen","zoom":"Zoom","share":"Share","playVideo":"Play Video","previous":"Previous","next":"Next","close":"Close","a11yCarouselWrapperAriaLabel":"Carousel | Horizontal scrolling: Arrow Left & Right","a11yCarouselPrevSlideMessage":"Previous slide","a11yCarouselNextSlideMessage":"Next slide","a11yCarouselFirstSlideMessage":"This is the first slide","a11yCarouselLastSlideMessage":"This is the last slide","a11yCarouselPaginationBulletMessage":"Go to slide"},"is_rtl":false,"breakpoints":{"xs":0,"sm":480,"md":768,"lg":1025,"xl":1440,"xxl":1600},"responsive":{"breakpoints":{"mobile":{"label":"Mobile Portrait","value":767,"default_value":767,"direction":"max","is_enabled":true},"mobile_extra":{"label":"Mobile Landscape","value":880,"default_value":880,"direction":"max","is_enabled":false},"tablet":{"label":"Tablet Portrait","value":1024,"default_value":1024,"direction":"max","is_enabled":true},"tablet_extra":{"label":"Tablet Landscape","value":1200,"default_value":1200,"direction":"max","is_enabled":true},"laptop":{"label":"Laptop","value":1366,"default_value":1366,"direction":"max","is_enabled":false},"widescreen":{"label":"Widescreen","value":2400,"default_value":2400,"direction":"min","is_enabled":false}},"hasCustomBreakpoints":true},"version":"3.25.4","is_static":false,"experimentalFeatures":{"e_font_icon_svg":true,"additional_custom_breakpoints":true,"e_nested_atomic_repeaters":true,"e_optimized_control_loading":true,"e_onboarding":true,"e_css_smooth_scroll":true,"theme_builder_v2":true,"home_screen":true,"landing-pages":true,"nested-elements":true,"link-in-bio":true,"floating-buttons":true},"urls":{"assets":"https:\/\/sucuri.net\/wp-content\/plugins\/elementor\/assets\/","ajaxurl":"https:\/\/sucuri.net\/wp-admin\/admin-ajax.php","uploadUrl":"https:\/\/sucuri.net\/wp-content\/uploads"},"nonces":{"floatingButtonsClickTracking":"52632e2bd9"},"swiperClass":"swiper-container","settings":{"page":[],"editorPreferences":[]},"kit":{"active_breakpoints":["viewport_mobile","viewport_tablet","viewport_tablet_extra"],"global_image_lightbox":"yes","lightbox_enable_counter":"yes","lightbox_enable_fullscreen":"yes","lightbox_enable_zoom":"yes","lightbox_enable_share":"yes","lightbox_title_src":"title","lightbox_description_src":"description"},"post":{"id":9115,"title":"WordPress%20Security%3A%20How%20to%20Secure%20%26%20Protect%20WordPress%20%282024%20Guide%29","excerpt":"WordPress is the most popular website platform, making it a target. Learn basic WordPress security techniques and actionable steps to reduce the risk of a compromise.","featuredImage":"https:\/\/sucuri.net\/wp-content\/uploads\/2023\/02\/2022_Sucuri_Guide_Wordpress-Security-Guide-1024x481.png"}}; /* ]]> */ </script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.25.4" id="elementor-frontend-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.25.2" id="pro-elements-handlers-js"></script> <script> // Define the container ID const containerId = 'firewall-container'; // Get the container element const container = document.getElementById(containerId); // Function to toggle the state function toggleRadioButtonsInContainer() { if (container) { // Check if the radio buttons are inside the container const firewallInput = container.querySelector('#firewall'); const platformInput = container.querySelector('#platform'); if (firewallInput && platformInput) { // Make the 'firewall' radio button checked and set aria-checked to true firewallInput.checked = true; firewallInput.setAttribute('aria-checked', 'true'); // Make the 'platform' radio button unchecked and set aria-checked to false platformInput.checked = false; platformInput.setAttribute('aria-checked', 'false'); } else { console.warn('Radio buttons not found inside the container.'); } } else { console.warn(`Container with ID '${containerId}' not found.`); } } // Call the function to toggle the state toggleRadioButtonsInContainer(); </script> </body> </html>

CINXE.COM

WordPress Security: How to Secure & Protect WordPress (2024 Guide)