Restrict Access To WordPress Login Page

In this tutorial we're going to create a WordPress plugin that can be used to help improve the security of your site by restricting access to the login page by a querystring password override. With th...

Change WordPress Database Prefix

As WordPress is an open source application all the database table names are known to everyone. If someone knows the name of your database table it makes it easier for them to guess a SQL injection scr...

Redirect Users After Login In WordPress

WordPress comes with the ability to create different users for your website. Each of these users can have different roles and different capabilities to perform tasks on your website. You can have user...

Disable Auto Updates In WordPress

In the past when there is a new WordPress version release the site admin would have to log into the admin area and manually update their website. As of WordPress 3.7 the core development team have cr...

Hide WordPress Update Notice To All But Admins

When you have built your site on an open source project like WordPress one of the benefits you get is continuous updates and improvements to the core code. WordPress aims to release a couple of versio...

Validate Requests In WordPress Using Nonce

There are loads requests that you can perform in WordPress from either forms or links that will do things like updating database values or deleting posts. If you are deleting a post or updating any va...

Restrict Admin Area To Only Admin Users

When you create a new user in the Wordpress user manager they will be able to login to your site by going to the default Wordpress login page /wp-login.php. Depending on the role you have assigned to...

Move Wp-Content Folder To Different Location

Ever since Wordpress version 2.6 you can actually move your wp-content directory to a different location. The wp-content directory will store all your theme files, plugin files and images. Why Move Th...

Disable Changing The Wordpress Theme

The problem with having a multi-author blog is that you have a lot of users which have access to the admin area of your Wordpress site. When they have access to your admin site they have access to cha...

Disable File Edits In Wordpress Admin

If a user has access to your Wordpress admin area then they will have access to all the files which are currently installed on Wordpress this includes all plugins and themes. If they have access to pl...

Disable Wordpress Version Update Message

Every couple of months Wordpress will release a new version of Wordpress which improves on the previous version. You should always keep your Wordpress version up to date as it will fix problems on th...

Secure wp-config.php File With htaccess

Your wp-config.php file stores all of your config variables for your Wordpress site. If someone has access to this file they will be able to see your database username and password. When you first in...

Block Wordpress Admin By IP

Wordpress security is a massive problem, because of Wordpress being such a popular blogging platform it is used by millions of sites around the world. If someone is able to get access to your Admin ar...

Create Wordpress Database Error Page

In today's tutorial we are going to learn how you can display a page on your Wordpress install if your website has a database error. Wordpress Files In Wordpress it has a couple of default file names...

Secure Your WordPress Site

No matter how big or small your website is you will always have people trying to hack your site. These people will use bots to find your login pages and use a brute force tactic to gain access into yo...