Secure a WordPress site.


I saw some sites were talking about the WordPress vulnerabilities and they were right and it made me worried a bit too. Today, I will tell you a simple but very effective way to protect your sites by closing two weak points found in WordPress. 

Alright, I found two files were browse-able and that was not any good news. I had to take a step to stop it and you will also know now what I did.

Which are those two files?

  1. xmlrpc.php
  2. readme.html

I was very able to browse those two files simply typing the following things in the address bar of my browser, https://novicecamp.com/xmlrpc.php or https://novicecamp.com/readme.html. 

Attackers could easily get information using those two files and try to do bad. I want to make it “access denied” for all. There are plugins available to do that but I would do it here manually and it is very easy for anyone. Please follow me.

I would simply add these following lines at the bottom of my .htaccess file from cPanel and then I will save it and I will go out of the cPanel.

Please copy these codes and paste them into your .htaccess file.

<files xmlrpc.php>
Order Allow,Deny
Deny from all
</files>

<files readme.html>
Order Allow,Deny
Deny from all
</files>

Note: I have talked a bit about the .htaccess file (where it is and how to edit it as well). Please read (Prevent username enumeration in WordPress) before you proceed.

Yes, I have done the things mentioned above and now I will type, https://novicecamp.com/readme.html and then https://novicecamp.com/xmlrpc.php in the address bar of any browser. Really! It shows “access denied”.  So, please make your “xmlrpc.php and readme.html” access denied as well.

All the best.

4 thoughts on “Secure a WordPress site.

  • March 5, 2019 at 5:06 pm
    Permalink

    great issues altogether, you just received a emblem new reader. What could you recommend about your submit that you made some days ago? Any positive?

    Reply
    • March 5, 2019 at 6:13 pm
      Permalink

      Hello Franchesca Lokuta, If you could point me about the post a bit more specifically, I was able to know.

      Reply
  • March 16, 2019 at 5:11 am
    Permalink

    With thanks! Valuable information!

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *