Blog članak

How to Harden WordPress with Two wp-config.php Settings

Use two simple wp-config.php settings to harden WordPress admin access and reduce risky file changes on production sites.

Sam tekst članka trenutačno je i dalje na engleskom, ali hrvatska navigacija, arhiva i povezani sadržaji ostaju dostupni.

Each WordPress installation in the root directory of the application has a file wp-config.php to which you need to add these two lines of code to the very bottom of the file:

// SECURE WP
define( 'FORCE_SSL_ADMIN', true );
define( 'DISALLOW_FILE_MODS', true );

FORCE_SSL_ADMIN provides an administrative interface by disabling it without using the SSL protocol, thus protecting data from accidental detection.

DISALLOW_FILE_MODS secures the system by disabling any system updates, including upgrades. By enabling this option, you significantly increase the security of the application, both from errors of administration users and from problems arising from add-ons or the WordPress system itself.

Povezane usluge

Ove su usluge usklađene s temom članka i daju čišći prijelaz od edukativnog sadržaja do konkretne implementacije.

Nastavite čitati

Prvo po zajedničkim kategorijama, a zatim po najjačem preklapanju u tagovima.

How to Harden WordPress with Two wp-config.php Settings

Savjetodavna područja vezana uz ovu temu

Povezani članci

How To Add HTTP Security Headers in WordPress

Kako voditi sigurnosne i accessibility reviewe s OWASP ZAP-om, WAVE-om i SSL Labsom

Zašto first-party analytics i consent pripadaju zajedno na malim service siteovima