What is Site Hardening? How do I implement it?

Created by Aman Kedia, Modified on Wed, 4 Jan, 2023 at 7:00 PM by Bharath K


WordPress recommends certain best practices to secure your websites. MalCare allows users to implement those practices through its Site Hardening feature. There are three types of Site Hardening tools available: Essentials, Advance, and Paranoid. Here’s how you can implement those:


Step 1: Log into the BlogVault account and select a website.



Step 2: On the next page, click on the Review Security button under Security And Firewall section. It takes you to the security page.  




Step 3: The security details page has 3 sections, the Ozone Layer, Cortex Layer,  and Carbon Layer.

Under the Ozone layer, find the Login Protection section and click on the APPLY HARDENING button here.



  • Under the option Essentials, you can:
    • Block PHP Execution in Untrusted Folders

    • Disable File Editors



  • Under the option Advanced, you can:
    • Block Plugin/Theme Installation



  • Under the option Paranoid, you can:
    • Change Security Keys 
    • Reset All Passwords



Step 4: After you select any of these, the next step is to Enter the FTP Credentials of your web host. You can use any of the FTP connection types to apply hardening for your site.



Step 4: To find out your FTP credentials, see the questions and answers on the right side of the screen. 



Step 5: Following that, you will need to Select the Folder with WP Installation. And then select Apply Fix.



  • And that’s it. The feature that you have selected will be applied to harden your site.



Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article