Wordpress Security - Checklist 2022

You can use the checklist to check the website built on the Wordpress content management system. Lock down your site to prevent hackers and security vulnerabilities from affecting your website.

Change the Default “admin” username Change the Default “admin” username
Disable File Editing Disable File Editing
Disable PHP File Execution Disable PHP File Execution
Limit Login Attempts Limit Login Attempts
Two Factor Authentication Two Factor Authentication
Change the Default WordPress Database Prefix Change the Default WordPress Database Prefix
Protect WordPress Admin by password Protect WordPress Admin by password
Disable Directory Indexing & Browsing Disable Directory Indexing & Browsing
Disable XML-RPC Disable XML-RPC
Automatically log out Idle Users Automatically log out Idle Users
Add Security Question to Login Screen Add Security Question to Login Screen
The Latest Version of PHP The Latest Version of PHP
The Latest Version of WordPress, Plugins, and Themes The Latest Version of WordPress, Plugins, and Themes
HTTPS for Encrypted Connections (SSL Certificate) HTTPS for Encrypted Connections (SSL Certificate)
Hide WordPress Version Hide WordPress Version
The Latest HTTP Security Headers + Cloudflare DNS The Latest HTTP Security Headers + Cloudflare DNS
Set up a Wordpress backup (files + database) Set up a Wordpress backup (files + database)
DDoS Protection (Cloudflare) DDoS Protection (Cloudflare)
Routinely check for malware and signs of security breaches (security plugins, online scans,...) Routinely check for malware and signs of security breaches (security plugins, online scans,...)

Author of checklist

Pavel Zaněk

I'm Full Stack Web developer interested in online marketing - especially in the search engine optimization (SEO).

PavelZanek.cz

Public profile

Approved by Pavel Zaněk

Approved at 2 years ago (2022-03-04)

After logging in, you can import all tasks from this checklist into your checklist.