• Hardening WordPress

    Read more
    • replace wp_ db prefix
    • rename folders wp-content, uploads, plugins, wp-admin, wp-include
    define('UPLOADS', 'media' ); // we renamed uploads and moved it level up
    define('WP_CONTENT_DIR', '/path/to/wordpress/dir/content'); // no host name, no trailing slash
    define('WP_CONTENT_URL', 'http://example.com/content');
    define('WP_PLUGIN_DIR', '/path/to/wordpress/dir/content/mod'); // no host name, no trailing slash
    define('WP_PLUGIN_URL', 'http://example.com/content/mod');
    • change cookie’s names
    define('USER_COOKIE', 'my_user_cookie' );
    define('PASS_COOKIE', 'my_pass_cookie' );
    define('AUTH_COOKIE', 'my_auth_cookie' );
    define('SECURE_AUTH_COOKIE', 'my_sec_cookie' );
    define('LOGGED_IN_COOKIE', 'my_logged_cookie' );
    define('TEST_COOKIE', 'my_test_cookie' );

    Sources:

    • https://wpcerber.com/turn-wordpress-into-fort-knox/
    • https://developer.wordpress.org/advanced-administration/security/hardening/