Wordpress Config Security

BRAVO WP ultimate security - Wordpress Plugin, Read full features to learn how to secure Wordpress site using Bravo.

Go Pro!

Wordpress Config Security By Bravo


The wp-config.php is the brain of Wordpress, We should protect the brain to set the body with a good health.
You should take this seriously, You should follow the next steps to be in a better level of security.

Wordpress wp-admin Dashboard >> Bravo Menu >> WPConfig Tweak
wordpress config security

Change Wordpress Database Prefix

As I mentioned at the Change Wordpress DB Prefix article, A lot of Wordpress users and all developers know the default 'wp_' DB prefix.
For this reason, You should change it to a unique one using the Bravo wizard.

Wordpress wp-admin Dashboard >> Bravo Menu >> WPConfig Tweak >> Themes and Plugins Editor
change wordpress db prefix

Themes and Plugins Editor

As a security measure it is recommended to disable the theme and plugin editors in WordPress, Why? to protect your files from injecting with malware, blackhat SEO links or inserting SHELL scripts.
Just one click to enable/disable editor.

Wordpress wp-admin Dashboard >> Bravo Menu >> WPConfig Tweak >> Database Table Prefix
wordpress disable file editor

WPConfig File Permissions 'wp-config.php'

The permissions you as the owner will give to the file, read , write or both.
We highly recommend to change wp-config.php permissions to read-only '0400' or '0444'.

Wordpress wp-admin Dashboard >> Bravo Menu >> WPConfig Tweak >> WPConfig File Permissions 'wp-config.php'
wordpress config read only

Wordpress Automatic Updates

Keep your Wordpress core files, themes and/or plugins up to date. Always Wordpress and other themes and plugins developer receives problems and bugs in their codes, So we should update the code.
This action can be automatically if you enable the 'auto update' options using Bravo.

Wordpress wp-admin Dashboard >> Bravo Menu >> WPConfig Tweak >> Wordpress Automatic Updates
wordpress auto updates

Display Errors & Debug

Debug and error display is a dangerous tool for a public website, but it is a useful tool for developers.
So, If you do not need it, please disable it to prevent hackers from knowing what's errors and bugs in your code or files.

Do not worry, BRAVO will enable a local and secure debug you'll browse it under 'Log Watching' menu.

Wordpress wp-admin Dashboard >> Bravo Menu >> WPConfig Tweak >> Display Errors & Debug
wordpress disable debug

Authentication Unique Keys and Salts

We have talk about Authentication Unique Keys and Salts and we told you and readers what is the importance and why should we change it.
Please read the full article [read more].