A quick video on how to implement Site Hardening


WordPress recommends certain best practises to secure your websites. MalCare allows users to implement those practises through its Site Hardening feature. There are three types of Site Hardening tools available: Essentials, Advance and Paranoid. Here’s how you can implement those:

Step 1: Log into BlogVault account and select a website.

Step 2: Click on the arrow in Security section, you will be directed to next page 

Step 3: In the next page, there is a Status update section. Underneath that there is a Site Hardening option. Select that. 

  • Under the option Essentials, you can:
    • Block PHP Execution in Untrusted Folders

    • Disable File Editors

  • Under the option Advanced, you can:
    • Block Plugin/Theme Installation

  • Under the option Paranoid, you can:
    • Change Security Keys 
    • Reset All Passwords

Step 4: After you select any of these, the next step is to Enter FTP Credentials of your web host. Remember to select SFTP in the FTP Type. 

Step 5: To find out your FTP credentials, see the questions and answers in the right side of the screen. 

Step 6: Following that, you will need to Select Folder with WP Installation. And then select Apply Fix.

  • And that’s it. The feature that you have selected will be applied to harden your site.