Skip to step 1
You’re going to need two lots of login details before you start:
- your hosting account’s username and password so that you can log into cPanel, and
- your WordPress login details so that you can log into WordPress itself.
Stop now and find them if you don’t have either of those: you cannot secure your website without them.
These instructions were written on 25 July 2014 and assume that your website is hosted by Digital Red. Wherever www.mysite.com is mentioned, you should replace that with your own domain name (so if we were updating this website, www.mysite.com would be replaced by www.digitalred.com).
If you don’t know where to find either your hosting account login details or your WordPress login details, call Daniel on 020 3411 4445. If your website isn’t hosted by Digital Red already, you can still follow these instructions if you use WordPress and cPanel.
Note: You can click on any of the screenshots below to open a life-size version.
What’s involved in getting Wordpress protected ?
Your choice of about 3 to 4 hours of your time, or £60! You can either ask Daniel to do everything for you, or you can do it yourself.
To make the changes yourself, follow ALL of the steps below:
- Step 1 – Backup before you do anything
- Step 2 – Update WordPress, Plugins and Themes
- Step 3 – Thin out WordPress (delete unused Plugins)
- Step 4 – Password protect the wp-admin folder and wp-login.php
- Step 5 – Disable the XML-RPC function in WordPress
- Step 6 – Installing security plugins, deleting extra users, changing passwords
Too much for you to take in? Daniel can do it all for you.