Course Content
Introduction to WordPress Security
WordPress is a platform for easily creating websites and blogs. It is open-source, free, and user-friendly, becoming one of the most popular platforms worldwide. People use WordPress to build personal websites, blogs, online stores, and more. It offers a wide range of plugins and themes that allow users to customize their sites according to their needs.
0/1
Critical Installation and Security Settings
0/1
Automated and Manual Backups
0/1
Security Functions
0/1
Implementation of SSL and HTTPS
0/1
WordPress security
About Lesson

Deleting files like debug.log, license.txt, readme.html, and upgrade.php from the WordPress system can improve the site’s data security. These files contain potential details that can be exploited to compromise the system’s security:

  1. debug.log

    • This file logs PHP errors in WordPress and contains additional information about the site. The file is located at wp-content/debug.log, and deleting it creates difficulty in externally accessing internal site details.
  2. license.txt and readme.html

    • These files contain information about software licenses and other details. The files are located in the root directory of the site. Removing these files significantly reduces forgotten details and prevents potential attackers from obtaining additional information about the site.
  3. upgrade.php

    • This file, located in the site’s root directory, can serve as a starting point for attacks if accessed again. Deleting the file prevents potential intrusions through this file.
  4. install.php

    • After successfully installing the WordPress system and verifying that everything works as expected, there is no need to keep the installation file on the site’s server. It interferes with the site’s security, as it is a file that provides direct access to the system’s installation processes. The file is located in a directory named wp-admin; enter and delete it from the directory.