Configuring the WordPress Better WP Security

The WordPress Better WP Security plugin is a great way to secure your WordPress site from those who may want to attack or hack your site. You can monitor user logins, database backups, intrusion detections, and more. This article will explain how to install, configure, and use the basic options in the WordPress Better WP Security plugin.

Installing the Better WP Security plugin

  1. Log into the WordPress Dashboard. Go to Plugins > Add New.
  2. Install the WordPress Better WP Security plugin

    In the search box, search for “security“.

  3. Activate the WordPress Better WP Security plugin

    Activate the plugin.

    Security link in the navigation WordPress Better WP Security plugin

    You will see the Security link in the navigation to the left once the plugin is activated.

  4. Crate database backup WordPress Better WP Security plugin

    On the Welcome screen, click the Create Database Backup link. If you do not want a backup created, you can click No, thanks. I already have a backup.

  5. Allow core file changes WordPress Better WP Security plugin

    Next, you can allow the Better WP Security plugin to change core files or not. To allow the plugin to control the core files, select Allow this plugin to change WordPress core files button.

  6. Secure the site with the WordPress Better WP Security plugin

    Finally, click Secure My Site From Basic Attacks.

    The WordPress Better WP Security plugin Dashboard

    Now you will be taken to the plugin Dashboard. Below is a brief explanation of the option within the Better WP Security plugin.

Basic options in the Better WP Security

Below is a table with a brief explanation of the WordPress Better WP Security plugin.

Better WP Security options
Dashboard The Dashboard is the basic interface for your Better WP Security plugin. You can see the status of your security on the front page of the dashboard.
Admin User The User section allows the administrator user name to be changed. you can also change user ID’s in this area.
Away Mode Away mode allows you to set your WordPress site to be inaccessible for certain time periods. This is similar to maintenance mode with other plugins.
Ban Users The Ban feature allows you to ban IP addresses from accessing your WordPress site through the plugin itself.
Content Directory Gives you the option of changing your WordPress directory through the plugin.
Database Backup You can set up a cron job that runs a database backup on a regular interval.
Database Prefix The Database table prefix is a way the database tables are named within your WordPress database. The Table prefix can be changed here.
Hide Backend The login, admin, and register url’s can be changed to a non standard url or slug in this section. This makes the login areas difficult to find for visitors and bots.
Intrusion Detection The Detect section handles error pages through the Better WP Security plugin.
Login Limits Here you can configure login options like Max user login attempts, Login period, email notifications and other user login related configurations.
SSL Enables forced SSL for the frontend and user logins.
System Tweaks These are system tweaks that allow you to protect files, directory browsing, suspicious query’s and more.
View Logs Allows you to view logs of login attempts, old data, and errors.

Thoughts on “Configuring the WordPress Better WP Security

  • I’ve got this plugin installed and it’s randomly reporting that thousands of files have been deleted (all the files in the WP installation). They’re not actually gone or changed in any way. On the next pass I get a report that all the same files have been added.

    I’ve been using Better WP Security for quite a while, and never had this issue until I moved my sites to inmotion. It happens on all 25+ sites I have hosted here.

    • Hello Bill,

      Thank you for contacting us. I spent quite some time testing this and even let Better WP Security run for several days, but am not getting any “file deleted” reports.

      We are happy to help you troubleshoot, but will need some additional information. Have you reviewed the server logs for errors around the time of the reported missing files? You can view your error logs in cPanel, or directly on the server at any time.

      Often, 3rd party Themes/plugins can have incompatibilities (especially lately with the many security updates WordPress has pushed out), Common WordPress Troubleshooting Techniques can help rule them out.

      Also, with debugging turned on, it is much easier to locate any errors within your WordPress site as well as any plugins and themes that may be causing errors.

      Thank you,
      John-Paul

Leave a Reply