Many people want to power up their wordpress site by securing them. There is a possibility that your blog may get hacked by some hacking methods and you do not know how to secure your blog. In this tutorial you will learn one such trick to boost security for you wordpress site.
Requirements:
- WordPress Site
- cPanel Access
I do not tell that you will entirely secure your wordpress site, but this is one such method that helps keep your blog secure from brute force attacks. This is possible by installing WordPress files to a different directory or subdirectory but your wordpress installtion is kept in the root folder itself. This will not affect your blog and seo in any way, but just secures your login url so that your blog can be secured from bruteforce and other such attacks.
Note for multisite
This process is not applicable to and does not work if you have enabled MultiSite.
How to Move WordPress Files to Different Folder but Keep Installation in Root
1. Login to your hosting cPanel and go to file manager.
2. Create a new folder to store the core wordpress files. Here in this tutorial i am going to create folder named “hidewp” inside my root folder.
3. Now login to your wordpress dashboard. Goto Settings -> General. On the right side you will find many fields. In that search for WordPress address (URL) and Site address (URL).
In the WordPress address (URL) type the address of the folder you created. Here my address will be http://geekplugins.org/hidewp/
In the Site address (URL) type the address of the site url. In my case it is http://geekplugins.org/. See the screenshot.
4. Click save changes. Your site will now encounter a file not found error message. This is because you have not yet changed the files and the file path in index file. (Do not worry about the error message and do not try to see your blog at this point.)
5. Now select all the wordpress core files including .htaccess and index.php files and move them to the folder/directory you created. Here in my case i will move all my files to hidewp folder.
6. Copy the index.php and .htaccess files (Do not move) to root directory. In my case i will copy both the files from “hidewp” folder to root folder.
7. Open index.php file which is in the root folder(not the one in folder you created). Make the following changes.
Change the line that says:
require(‘./wp-blog-header.php’);
to the following, using your directory name for the WordPress core files:
require(‘./hidewp/wp-blog-header.php’);
Change hidewp to the folder/directory name you created.
8. You are now completely done! Login to your new location which is http://geekplugins.org/hidewp/wp-admin in my case.
This is how you can secure your blog from brute force and other similar attacks. Let us know if this trick helped you.
{ 2 comments… read them below or add one }
Nice tutorials !
this isnt wokring . i have installed on localhost to experiment. i have done all the steps mentioned but i am getting a page like i have not moved template files . so i restarted apache ,now still some link in sidebar are not working and template files are not getting picked up.
what i did wrong?