9 Assumptions for WordPress Security Series

[This post is part of WordPress Security series.]

Welcome to the 0 post of the series. It is post number zero, because it essentially outlines what you must know before the real thing starts. Before we start with describing several ways of securing WordPress, techniques, hacks and things to take care of, here’s what I assume. Call it the Requirements for WordPress Security.


  1. First of all, it is assumed that you are using self-hosted WordPress.org. Though most of the security tips and techniques apply to WordPress.com as well, but not all. So therefore, let’s just assume you are using WordPress.org. If you are interested in knowing the difference between WordPress.com and WordPress.org, read this.
  2. It is assumed that you know your way around cPanel, Plesk or whatever control panel is at your disposal.
  3. It is assumed that you are using WordPress to manage your website and not some other blogging platform like Tumblr or Blogger.
  4. I assume that you will be implementing security tips and techniques yourself and not having someone to do these for you. Not that it is must, but it is assumed.
  5. Similarly, assumption is that you have direct contact to your web host. Just in case, you may need to contact them for information, configure server, etc. Not that it is a must, but certainly one that you must have in case of emergency.
  6. It is assumed that you know your way around WordPress admin panel. If you unfamiliar with the dashboard, you can always take a some time to explore it. It is intuitively easy to navigate through and become second-nature.
  7. As such you know how to download and install WordPress plugins and themes.
  8. It is assumed that you know how to navigate, edit, delete, download and upload files via FTP. This is important because more often than not, we will be using FTP to make changes to critical files like wp-config.php and .htaccess.
  9. Whenever we will refer to WordPress, we will be talking about the self-hosted version of the CMS. It is also assumed that WordPress version is 4.2.1. Since WordPress updates come regularly, fix bugs and fills security holes, it is possible that, depending on the time you’re reading this, that a mentioned technique/tip/hack may have been solved and added to the core. Such a thing makes our technique meaningless, if it is solved by default. So always know we are talking about WordPress 4.2.1.

Needless of mention that you must have a computer with Internet connection. This should cover about 98% of stuff you must know/need in order to begin with the series.

[This post is part of WordPress Security series.]

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *