NEW feature in >wp-cli to secure any WordPress instance in just 60 seconds.
One command to rule them all đ¤
80% of the attacks to WordPress instances could be mitigated by simply applying common security best practices [1].
wp secure all exactly does that for you. Via wp secure all common best practices are applied proactively, and you are ready to go.
Whatâs covered by secure all?
The security vulnerabilities identified in 2012 [2] are still the security vulnerabilities of today [1].
wp secure all made it its mission to fix this grievance and make security the defacto standard.
By executing wp secure all security best practices such as:
Fix permissions
Set the correct permissions of all files & directories in your WordPress installation.
Set security headers
We add HSTS (Strict-Transport-Security), X-XSS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy.
Disable file editor
Prevents hackers from using file editor on your WordPress Dashboard.
Prevent PHP execution on sensitive locations
To extend security, you can block direct access to PHP files in plugins, themes, wp-includes and uploads.
Block access to sensitive stuff
Prevent hackers from accessing sensitive files and directories.
And many more âŚ
See the README for an overview of all features.
Read More