WordPress recommends certain best practices to secure your websites. MalCare allows users to implement those practices through its Site Hardening feature. There are three types of Site Hardening tools available: Essentials, Advance, and Paranoid. Here’s how you can implement those:


Step 1: Log into the BlogVault account and select a website.



Step 2: On the next page, click on the Review Security button under Security And Firewall section. It takes you to the security page.  




Step 3: In the Comprehensive Security section, click on the APPLY HARDENING button.


  • Under the option Essentials, you can:
    • Block PHP Execution in Untrusted Folders

    • Disable File Editors



  • Under the option Advanced, you can:
    • Block Plugin/Theme Installation



  • Under the option Paranoid, you can:
    • Change Security Keys 
    • Reset All Passwords



Step 4: After you select any of these, the next step is to Enter the FTP Credentials of your web host. You can use any of the FTP connection types to apply hardening for your site.



Step 4: To find out your FTP credentials, see the questions and answers on the right side of the screen. 



Step 5: Following that, you will need to Select the Folder with WP Installation. And then select Apply Fix.



  • And that’s it. The feature that you have selected will be applied to harden your site.