You can easily install WordPress onto your website with just a few clicks in the admin panel. But there are some security concerns you should be aware of.
A secure WordPress installation is a key to keeping your website secure from hackers, bots, and other nefarious activities. Unfortunately, many newbies don’t know how to secure their WordPress websites properly while installing.
That’s why I’m going to cover all the things involved in securing a WordPress site — from setting up a strong password to renaming your database, table, and username.
You must use a reliable and secure hosting service for the security of your website. I personally recommend Bluehost.
In this guide, I’m going to show you how to install and configure WordPress safely for your business and get rid of unnecessary security threats.
I’ll show you this using cPanel and Plesk.
Install WordPress Securely Using cPanel
cPanel is the widely used and most popular hosting control panel. If your hosting uses cPanel, then follow the steps below:
Step #1: Log in to cPanel
The login interface and method can be different according to your hosting provider. If you use Hostgator, it might be different from Hostinger.
You’ll get the login information after signing up (purchasing) the hosting plan via email.
Step #2: Find out WordPress Manager
WordPress Manager lets you install it with just a few clicks. You’ll get it under the Software section. Scroll down your page or use the search bar.
Or you’ll get it in the Softaculous Apps Installer.
Step #3: Go to WordPress Management
Click on the WordPress Manager by Softaculous and go to the WordPress Management section. Now click on the Install button.
Step #4: Setting up Configuration
This is the most important part of our installation. We have to configure all information properly for better security.
- Choose Protocol — https:// (if you want your website will be like https://bloggerzia.com); or https://www (for like https://www.bloggerzia.com)
- Choose Domain — select the domain where you want to install WordPress
- In Directory — keep it blank; (if you use any name here, your WordPress will install in this sub-folder. Then your blog will be like https://bloggerzia.com/blog/)
- Choose the version you want to install — always use the latest version.
Site settings & Admin account:
- Site Name — write your website name here like Blogger Zia
- Site Description — you may keep this blank; or use your blog’s slogan
- Admin Username — change the name admin to an unguessable one
- Admin Password — use a strong password; (try to keep at least 16 characters with a combination of uppercase, lowercase, and special character)
- Admin Email — use your active email address; (you’ll get all notifications here)
- Database Name — change the default name with an unguessable one; it should be between 5-7 characters
- Table Prefix — change it; (you may keep the name between 8-10 characters)
You may keep unchanged for other options. Now scroll down and click on the Install. Your setup will be completed within a few minutes.
Install WordPress Securely Using Plesk
Plesk is becoming popular day by day. It’s becoming popular for its clean interface, easy-to-use navigation, and security. It gives you more flexibility than cPanel.
Step #1: Log in to Plesk
First, log in to your Plesk account. You’ll see your added domains here.
Step #2: Go to WordPress Toolkit
From the left navigation menu, go to the WordPress option. Click on the Install button under the Installation section from the upper menu.
Step #3: Setting up Configuration
Now you’re just one step away to install WordPress. You have to be aware here. Follow my instruction below:
- Installation path — choose https:// and your domain name; keep last field blank to install WordPress to the root folder
- Website title — give a name of your website; like Blogger Zia
- Plugin/theme set — none; you don’t need to select anything here
- Website language — default is English; you may select your desired one
- Version — choose the latest version of WordPress
- Username — use a username; this is your admin username
- Password — use a strong password to login to you WordPress dashboard
- Email — use your active email address to get all notifications
- Database name — change the default name to an unguessable one
- database table prefix — you may change the default name; recommend to keep underscore (_) at the end
- Database user name — you may change it; WordPress will automatically use this name to connect with your database
- Database user password — use a strong password
You may keep unchanged other. Finally, hit the Install… wait a minute… you’re good to go.
I would recommend installing WordPress on a secure server. This will help you protect your blog against hacking.
If you’re looking for a hosting company, I’d recommend Bluehost. They’re one of the most reliable companies out there and also recommended by the WordPress community.
Read more about Bluehost
I hope you enjoyed this tutorial. If you did, please consider sharing it with your friends. Thanks for reading!