Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Secure WordPress site

Rename database table prefix

Set table prefix in wp-config.php

$table_prefix  = 'wp_6yCX_';

Rename tables in database

RENAME table `wp_commentmeta` TO `wp_6yCX_commentmeta`;
RENAME table `wp_comments` TO `wp_6yCX_comments`;
RENAME table `wp_links` TO `wp_6yCX_links`;
RENAME table `wp_options` TO `wp_6yCX_options`;
RENAME table `wp_postmeta` TO `wp_6yCX_postmeta`;
RENAME table `wp_posts` TO `wp_6yCX_posts`;
RENAME table `wp_terms` TO `wp_6yCX_terms`;
RENAME table `wp_term_relationships` TO `wp_6yCX_term_relationships`;
RENAME table `wp_term_taxonomy` TO `wp_6yCX_term_taxonomy`;
RENAME table `wp_usermeta` TO `wp_6yCX_usermeta`;
RENAME table `wp_users` TO `wp_6yCX_users`;

Rename fields in tables

SELECT * FROM `wp_6yCX_options` WHERE `option_name` LIKE '%wp_%'
SELECT * FROM `wp_6yCX_usermeta` WHERE `meta_key` LIKE '%wp_%'

Remove version number

Remove generator tag and version parameter from enqued scripts in functions.php

// Remove generator tag
function remove_generator() {
  return '';
}

add_filter( 'the_generator', 'remove_generator' );
// remove version param from any enqueued scripts
function loader_src( $src ) {
  if ( strpos( $src, 'ver=' ) ) {
    $src = remove_query_arg( 'ver', $src );
  }

  return $src;
}

Change file and folder permission

find /path/to/your/wordpress/install/ -type d -exec chmod 755 {} \;
find /path/to/your/wordpress/install/ -type f -exec chmod 644 {} \;

Deny wp-config in /.htaccess

<files wp-config.php>
order allow,deny
deny from all
</files>

Deny PHP files in /wp-content/uploads/.htaccess

<Files *.php>
deny from all
</Files>

Disable file editing in functions.php

define( 'DISALLOW_FILE_EDIT', true );

Auto update Code, Plugins and Themes

define( 'WP_AUTO_UPDATE_CORE', true );
add_filter( 'auto_update_plugin', '__return_true' );
add_filter( 'auto_update_theme', '__return_true' );
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.