WordPress Toolkit can enhance the security of WordPress installations (for example, by turning off XML-RPC pingbacks, checking the security of the wp-content folder, and so on).
We call individual improvements you can make to the installation’s security “measures”. We consider certain measures to be critical. For that reason, WordPress Toolkit applies them automatically to all newly created installations.
On the installation’s card next to “Security”, you can see the following security messages:
- “Fix security” means that not all critical security measures were applied.
We strongly recommend that you apply them all. - “Check security” means that all critical security measures were applied,
while some recommended measures were not. - “View settings” means that all security measures (critical and recommended) were applied.
To secure an individual WordPress installation:
- Go to WordPress Toolkit, choose the installation you want to secure, and then, on the installation card, click the message next to “Security” (for example, “Fix security”).
- Wait for WordPress Toolkit to display the security measures you can apply.
- Select the security measures you want to apply, and then click Secure.
- All selected measures will be applied.