WordPress Security: How to rename the directory wp-content?
One step forward in wordpress security+ great plugin
WordPress is the most popular blogging and CMS system , which makes it a favorite target for hackers . Moreover, open source are amazing BUT everyone has access to its code .
This facilitates further discovery of a security hole from some attackers , not to mention how automated attacks are carried out.
That is open source , however , it is not the only drawback in terms of safety . WordPress has gained popularity and has evolved with enormous pace.
Relatively quickly became a huge blogging platform with multiple functionalities.
But then it turned out that something lame and its developers began one by one to patch security holes with each update.
So even if you follow the best practices (always updating to the latest version to use only trusted plugins and also periodically update them) we can not be sure that our WordPress website is ” safe .”
Therefore is not a bad idea to introduce a few changes in the structure of our website in order to confuse hackers who want to harm us .
If you’ve worked with WordPress, you probably know that most key elements such as images, themes and plugins are stored in the wp-content.
But do you know how you can change the name of this directory so that everything continues to run smoothly, but you are a bit more protected ?
You have probably wondered why we want to change the name of this directory ?
One of the main advantages is that our website will not look as WordPress . Which leads to greater security.
Important: Make sure you read the ” important note ” to the end of the article , before you make any modifications to your wordpress!
Rename wp-content directory
In our case we will rename the wp-content directory of stuff.
Remember which plugins are active, you can activate them again after completion.
After renaming the folder, all enabled themes and plugins will be disabled and will not appear in the plugins directory as WordPress can not find them in the default directory wp-content.
Several corrections in wp-config
Well before We make adjustments copy the file wp-config.php as backup. So in case something goes wrong, we can restore the file.
First add the following code before require_once (ABSPATH. ‘wp-settings.php’);
“define (‘WP_CONTENT_FOLDERNAME’, ‘stuff’); define (‘WP_CONTENT_DIR’, ABSPATH . WP_CONTENT_FOLDERNAME);”
Its purpose is to indicate to WordPress, that wp-content changed to stuff, then redirect to the new directory. After adding the above code, plugins and themes we will again be displayed. You can activate them again.
As you may have noticed, not all is as it should. Add the following code to set the new url address:
define('WP_SITEURL', 'http://' . $_SERVER['HTTP_HOST'] . '/'); define('WP_CONTENT_URL', WP_SITEURL . WP_CONTENT_FOLDERNAME);
This file modification should be taken with caution and preferably at a new website .
Otherwise you may need to change tone of things on your site before it start working again .
BONUS: Increased security with wordpress Hide my WP
Fortunately there is an easier way to hide completely and comprehensive, that you are using WordPress. This can be done with this popular plugin.
Broadly speaking, Hide My WP change the names of all known directories linking at our site to WordPress, without changing our files, folders or database.
The plug is designed to increase the security of our wordpress system also allows to create and more comfortable and beautiful URL to our articles and pages.
Hide My WP controls access to PHP files and according to developers protect your site from almost 90% of SQL-Injection and XSS attacks caused by direct access to PHP files. This means that if you use this plugin, you can install unsafe plugins with a considerable degree of concern less. And yet – be careful!
BONUS 2: You can download this pluggin for FREE – Click Here !