WordPress recommends certain best practises to secure your websites. MalCare allows users to implement those practises through its Site Hardening feature. There are three types of Site Hardening tools available: Essentials, Advance and Paranoid. Here’s how you can implement those:


Step 1: Log into the Malcare account and select a website.



Step 2: On the next page, click on the Review Security button under Security And Firewall section. It takes you to the security page.  




Step 3: The security details page has 3 sections, the Ozone Layer, Cortex Layer,  and Carbon Layer. Under the Ozone layer, find the Login Protection section and click on the APPLY HARDENING button here.



  • Under the option Essentials, you can:
    • Block PHP Execution in Untrusted Folders

    • Disable File Editors



  • Under the option Advanced, you can:
    • Block Plugin/Theme Installation



  • Under the option Paranoid, you can:
    • Change Security Keys 
    • Reset All Passwords



Step 4: After you select any of these, the next step is to Enter the FTP Credentials of your web host. You can use any of the FTP connection types to apply hardening for your site.



Step 4: To find out your FTP credentials, see the questions and answers on the right side of the screen. 



Step 5: Following that, you will need to Select the Folder with WP Installation. And then select Apply Fix.



  • And that’s it. The feature that you have selected will be applied to harden your site.