Wp security scan, scan wordpress files security

Improve your wordpress files and folders security with wp security scan.

Long time ago, i have posted about wordpress security part 1, and part 2, how to secure your blog posts and i am constantly doing all the tips to improve the security of my blog.

Though the most important is change your passwords, which is cPanel and wordpress dashboard regularly.

And don’t forget to hide your real admin login name! see my post about how to change wordpress admin name.

Other than those tips above, i also still use wp security scan to scan my wordpress files and folders regularly. (I deactivate the plugin if after scanning, and activate it again when i need to scan).

Wp Security scan, what does this plugin do?

What i love about this plugin is, it is extremely easy to use.

After you install it (previous post: how to install wordpress wp plugin), you will have some options and features to use.

Wp security scan plugin will tell you about most essential things you should check to secure your blog.

Example if you still have “Admin” as a login name, this plugin will notify you to change it.

Features of wp security scan, and the video tutorial:

Video tutorial: (i use video from “how to secure your blog” post, so watch only the part of reviewing wp security scan, it works with wp 3+)

1. After wp security scan installation is done, and after it is activated, you will see “Security” tab in your left sidebar of admin dashboard.

wp security scan

Here you will see 5 links:

-Security

-Scanner

-Password tool

-Database

-Support.

2. The option which can scan your wordpress files permission is “Scanner” button, after you click that link, you should see your files permission.

wp security scan
If all is fine, it should be all green.

Those files and folders are including:

-Root directory

-wp-includes.

-htaccess

-wp-admin/index.php

-wp-admin/js

-wp-content/themes

-wp-content/plugins

-wp-admin

-wp-content

I use wp security scan, do you?

Share the knowledge
Share on Google+0Tweet about this on TwitterShare on Facebook0Pin on Pinterest0Share on Reddit0Email this to someonePrint this page

Comments

  1. says

    Hi Kimi,

    Excellent video! I’ve installed the Wp security scan plugin and need to add an htaccess to wp-admin.
    I see on the video a code to add to the htaccess file on wp-admin, but I can’t copy and paste from it.
    It’d be great to have a transcription in text of the videos. Meantime, would you mind to re-copy here the code you’ve added to the htaccess file to wp-admin?
    Can the code I saw on the video affect in some way eventual upgrades of WordPress new versions, plugins or theme?
    My IP is dynamic, the code I saw on the video, doesn’t affect also the access via IP. Is this correct?

    Thank you in advance and hope you’re OK!

    Gera

    • says

      Hi Gera

      The best will be, adding this code inside the htaccess file inside wp-admin

      the xxx.xxx.xxx is your dynamic IP

      But if you’re not sure about it, then don’t use it LOL

      Actually, this will be the best also to secure wp-admin, which only allow people with the associated IP to access your wp-admin, in this case, you :)

      It will not affect any upgrades/themes/plugins

      Thanks for commenting, I am OK; just a bit busy with kids summer holiday :)

      Kimi.

      • says

        Hi Kimi,

        No problem I’m complicated recently too.

        Thanks for the code. Unfortunately I can’t use it because my IP address is dynamic and it changes every 12 hours or faster. I’d be changing this file at least two times per day ;-)

        Have a great week!

        Gera