Tutorial by Examples

The file editor that ships with WordPress is a security risk. If an attacker gains admin access to your WordPress website they will be easily able to insert malicious code into theme and plugin files. It is also a risk with clients who don't know what they're doing. Once misplaced colon in the file ...

The most sensitive information of a WordPress install is stored in the wp-config.php file. If a hacker gets access to this file then they have total control of your website. By default wp-config.php is stored in the WordPress install folder. To make this file harder to steal you can move it out of ...

When you install WordPress to your server, the installation script will place a prefix in front of all the WordPress MySQL table names. This prefix is set to 'wp_' by default. The WordPress posts table will be called wp_posts for example. By changing the table prefix you can create some security by ...