6 WordPress security tricks for your function.php file

WordPress started as a blogging tool but has evolved to a full content management solution and is used by millions of people. Because of the high number of people that are using WordPress as a content management system (CMS) for their websites and this makes it a easy target for hackers, mostly because a lot of WordPress users don’t update their sites (core, plugins & theme’s).
 
There are several good helpful plugins like Wordfence, Loginizer, iThemes Security and many more plugins which can help you to improve your WordPress security, but if you dont want to use plugins you can find a couple of useful security tricks below. You can add these lines of code to your WordPress theme function.php file.
 

Remove version number

Remove the WordPress version number from your code. This is a good trick but you should always update the WordPress core to the latest version!

 

Hide login errors

Hide the login errors/hints and replace them with a simple message.

 

Disable XML-RPC

If you dont want to access and publish to your blog remotely you should disable this. This will also completely disable the whole XML-RPC class.

 

Auto update wordpress

This will auto update your WordPress core (big and minor updates).

 

Auto update all plugins

Auto update all of your plugins.

 

Auto update all themes

Auto update all of your themes.

 

Some extra reading:

https://codex.wordpress.org/Hardening_WordPress
https://codeable.io/quick-wordpress-security-tips/
https://www.codeinwp.com/blog/secure-your-wordpress-website/
 

No comments found for “6 WordPress security tricks for your function.php file”
Leave a Reply

Your email address will not be published. Required fields are marked *