security

hide theme files for admin beneath root

Question

The purpose is to give full admin rights, but not to the proprietary theme files. Our website is on /root/public_html/ We want to move only the themefolder /root/public_html/wp-content/themes/ beneath the accessible files to /root/themes/

htaccess, security, theme-development, user-access Christel 3 years 0 Answers 53 views

How to Prevent Brute Force Attack on WordPress

Question

my site went down for 1hr. and after then continuously. So I asked my hosting what the problem is with my website. they say I am in under brute force attack. told me to hire someone. I Limit Login Attempts by using a WordPress plugin. I want to know what other solutions I need to do

Remove special characters in a URL

Question

I need a help to prevent special characters in URL & it should redirect to 404 error page, if anyone specifically entered characters. I tried couple of ways through .htaccess but none of them worked. Expected URL: http://www.

htaccess, security, url-rewriting Karthick 3 years 0 Answers 57 views

WordPress malware

Question

wordfence is showing this file as malware in my wordpress website " Unknown file in WordPress core: wp-admin/e9e6c70243f58b4144b87db4e3541ed9 ". i deleted this file multiple times but after refresh it comes again.why and how can i fix that?

security, virus Razu 3 years 0 Answers 48 views

404 redirect wp-login and wp-admin after changing login url

Question

I've successfully changed the login page to a custom url, using this codes: This one into wp-config.php define('WP_ADMIN_DIR', 'secret-folder'); define( 'ADMIN_COOKIE_PATH', SITECOOKIEPATH . WP_ADMIN_DIR); This one into functions.php add_f

htaccess, login, security, wp-admin, wp-config Antoder 3 years 0 Answers 55 views

wp-config.php being written by attacker

Question

I have an up-to-date Wordpress install, and I've tried to do due diligence when it comes to security. However I'm having a recurring problem. I've put my config at the level above my install location. However every so often something writes a new wp-config.php to the

installation, security Rob Pridham 3 years 0 Answers 61 views

Attach to wp-login.php and xmlrpc.php

Question

I am receiving many requests to my wp-login.php and xmlrpc file, now I just set up an htaccess to prevent requests to xmlrpc, but how do you suggest me to block wp-login? thanks

hacks, htaccess, security, wp-login-form, xml-rpc Sam Provides 3 years 0 Answers 43 views

get_posts() SQL Injection

Question

I'm working on a custom search page and I usually use wpdb->prepare when crafting custom queries. But this time I went with get_posts to create the below query. But I'm wondering if I have to worry about SQL Injection with it. Should I? Or does get_posts() have that security built in? I

get-posts, security, wpdb Taurian 3 years 0 Answers 50 views

My site appears to be hacked?

Question

I recently found some random posts have been made from one of our user's account without the user's consent. We checked vividly with the security plugins but didn't found anything. While we checked our Server Logs we found something like

security SkyRar 3 years 0 Answers 55 views

Securing WordPress running on Azure platform

Question

We have a static website hosted on Microsoft Azure. Our marketing team wanted a easy way to update it so WordPress was installed on Azure, the site was created, marketing team updates it. A WordPress plug-in exports their updates as HTML which is shown on the static website. By not allowing WordP

cloud, security p_s 3 years 0 Answers 50 views

1 2 … 12

Register Now

Login

Lost Password

Add question

Login

Register Now