Hardening WordPress Best Practices

Manually Adding Extra Security Layers to your WordPress website

If you run a WordPress website you need to think about security and especially if you run a membership website this is a really important part you just can’t skip or put off till later, you need to do everything you can to prevent any user information getting hacked or worse, your administrator account because with that a hacker quickly takes over control and will change the admin login to lock you out from your own website that way to prevent you from making changes to your site via the WordPress dashboard.

If that happens, you can still manage to take back control over your admin account but you need to act fast and know what to do if you want to prevent even more damage from happening or any user information or business information being leaked and it’s really a race against the other person who managed to get access to your admin account…

I highly recommend you to prevent this scenario altogether by adding a few extra security layers manually and if you follow the step-by-step instructions that I made for you here in this blog post below you will make your WordPress website so safe that most hackers instantly lose interest and move on to the next one.

What is Security?

Security is not an absolute, it’s a continuous process and should be managed as such. Security is about risk reduction, not risk elimination, and risk will never be zero. It’s about employing the appropriate security controls that best help address the risks and threats as they pertain to your website.

Security also transcends the WordPress application. It’s as much about securing and hardening your local environment, online behaviors, and internal processes, as it is physically tuning and configuring your installation. Security is comprised of three domains: People, Process, and Technology. Each work in a synchronous harmony with each other, without the people, and their processes, the technology itself would be useless. Keep this in mind as you work through this guide, the threat landscape is constantly evolving and as such so should your security posture.

Website Hosts

If you have downloaded WordPress from you will need to self-host, and you will have a wide range of options. You will need to choose from shared hosts, managed hosts and a number of other variations. Each host will handle security differently, but each will be consistent in that the ultimate responsibility for your installation’s security will fall on the website owner (not the host).

We will not dive into the hardening of your host, as it is beyond the intent of this guide – which will focus on your WordPress installation. For more information though, we encourage you to jump over to the Hosting WordPress codex page.

How you decide to host your website is important, and should be done with care; the decision you make will dictate the specific security controls you will want to leverage. This means that you, the website owner, will be responsible for hardening your installation and why this guide is so important.


Click here to sign up now!

If you are somewhat familiar with the affiliate marketing networks it’s highly likely that you heard of JVZoo, maybe you are already an affiliate and promoting products via their service. If that’s the case you know that JVZoo is a great affiliate network which is reliable and already doing business online for years, knowing that you can expect the same quality of service from their hosting platform.

I’m running my websites on JVZooHost myself for years and from my experience with them I can honestly say that for the price you have to pay there isn’t anything else online that comes close to what JVZooHost has to offer, just take my example…

I only pay $9 per month for one shared hosting service and I have 3 separate WordPress installations running and another 2 domain aliases pointing to the same nine dollars monthly service and I have multiple sites checking my uptime performance showing that 99,99% of the time all my WordPress sites hosted on JVZooHost run without any problems.

Their support is really great and I needed their help multiple times because I broke something I couldn’t repair on my own, luckily they reply within the hour most of the time… Well, when I needed them hardest on a couple moments that it was really critical they managed to help me out on the same day except for one time when they made a few mistakes which started to get costly very fast and in the end I lost 2 months of work I had already done, I couldn’t do anything for 2 months at the time they tried to fix it and when they finally got things back working again and I was able to login to my WordPress dashboards I had to start all over new from the point that I got the first problem.

But they got it fixed on the server side and from that point till this day I haven’t got any issues with my websites anymore and got a 100% up-time. Because I’m using their hosting a long time and know my way around the hosting service Back Office, the Softaculous Software Suite, the email server and software and their cPanel you can expect from me that I’ve tried and tested every little thing just to see what happens so if you need any kind of support outside of their own I would be the next best person able to guide you with anything.

Get hosting via my link here at JVZooHost and use the coupon code – FREEMONTH – to get your first 30 days at no costs!

Security Concepts

There are basic concepts Information Security (InfoSec) concepts that you should be aware of as you embark on your journey of securing WordPress. These concepts are critical to helping you understand and implement the recommendations presented in this guide.

I strongly recommend you to read the complete documentation on to see what you will secure instantly by using the text files I provide for you to download (links will show up in the member area below when you log in and in the PDF file) so you can simply copy and paste the code into your htaccess file and skip going into every little detail right now to save yourself a lot of time and be done with it quickly.

Basically, I use all the options that will add some extra security layers to your WordPress installation manually and this way you will prevent any changes being made to the customizations afterward.

10 Reasons why you should Take Action right Now!

  1. First of all, it’s essential, it saves you a lot of time researching all this information or having to use multiple websites and open tabs to be able to complete the whole process
  2. I made this process safer for you because there’s only one online tool you need to use to generate a new line of code which is md5 protected so if someone would gain access to the file your original password doesn’t get compromised
  3. Most hackers are using scripts and software to scan the internet, looking for easy targets e.g. websites that are vulnerable because the site manager failed to do the most basic things making the site more secure
  4. You show hackers not to mess with your site and make hackers quickly lose interest
  5. You can sleep much better knowing that your members are safe
  6. By doing this manually you ensure that whatever happens when your site gets updated or you make changes in WordPress that your customized safety measures aren’t influenced in any way and your customizations will keep on working in most cases, whenever you do make any major changes to your website it’s always recommended to check if your manual customizations have survived.
  7. You don’t have to know any code or do a lot of complicated things, I made this process as easy as possible and I’ve kept the content as short as possible so you don’t have to read very much and be done with it in less than 30 minutes
  8. There’s also a PDF file available that you can download with the step-by-step instructions and links to the resources so you don’t have to come to this website and log into your account to access the content
  9. You’ll be done quickly!
  10. You can do this right now!

Doing just these few things that I’m going to explain to you today also shows to any hacker that you probably know what you are doing or you hire someone to secure your website and any professional hacker instantly knows that he or she will need to spend a lot of time to break into your admin account and they should also expect that getting access into one of your accounts doesn’t guarantee access to all of your accounts or access to any of your other websites, that would be a worse case scenario… Hackers will see that your site is too hard for them and will cost too much time which they don’t want or have to spend and quickly lose interest. This is why you should always use another password for every different account you make and never use the same login over and over because if one account gets compromised everything will be compromised.


Here’s what you need to do

Well, I’m giving you this information for free but you do need to have a WordPress user account here on my site (not an email subscription) and you have to log in to access the step-by-step instructions and the PDF file you can download… If you don’t have a user account yet you can create a new one here then come back here afterward, you can log in by using the form below (this prevents you from being redirected to another page when you use the regular login method)



Existing Users Log In


Small Biz / Entrepreneurship

Content Protection by
Posted in Members Only and tagged , , , , , , , , .

Ricardo Penders

Computers and Gadgets is what I'm really passionate about and because of my 20+ years of coding experience most technical stuff is easy for me to understand and I'm able to save a lot of time and money because of it but I didn't have any way to share that with people and pass on some of my knowledge.

That's why I started this blog... Coding and building websites is almost the same thing and I really love to experiment with code on my websites and share that with people online. This is how I started with Internet Marketing.

Now I'm teaching what I'm doing here on my website and would love to add your success story to my website.

Ricardo Penders CEO _SoHarD_dB_w@®Ez_ | The Rapid List Building System

Default Comments (0)

Leave a Reply

Facebook Comments (0)

G+ Comments (0)

Disqus Comments (0)