WP Toolkit can enhance the security of WordPress installations (for
example, by turning off XML-RPC pingbacks, checking the security of
the wp-content folder, and so on).
We call individual improvements you can make to the installation’s security
“measures”. We consider certain measures to be critical. For that
reason, WP Toolkit applies them automatically to all newly
created installations.
On the installation’s card next to “Security”, you can see the following security messages:
-
- “Fix security” means that not all critical security measures were applied.
- We strongly recommend that you apply them all.
-
- “Check security” means that all critical security measures were applied,
- while some recommended measures were not.
- “View settings” means that all security measures (critical and recommended) were applied.
Note: Some security measures, once applied, can be reverted. Some
cannot. We recommend that you back up a WordPress installation
before securing it.
You can secure WordPress installations individually or multiple installations at
a time.
To secure an individual WordPress installation:
- Go to WordPress, choose the installation you want to secure, and then, on the installation card,
click the message next to “Security” (for example, “Fix security”). - Wait for WP Toolkit to display the security measures you can
apply. - Select the security measures you want to apply, and then click
Secure.
All selected measures will be applied.
To secure multiple WordPress installations:
- Go to WordPress and then click Security.
- You will see the list of your WordPress installations. For every
installation, you can see how many critical (indicated by the
