Control WP Hardening (WebUI Method)
- Log into the cPFence WebUI and select the server to manage.
- Navigate to Tools & Utilities ➜ WP-AutoShield Bulk Tools.
- Open Enable WordPress Hardening to lock down
wp-includes,uploads, andwp-config.php; or pick Disable WordPress Hardening to roll it back. - Confirm the operation and let cPFence push the .htaccess rules to every site (or only the sites you selected).
- Monitor the log stream to ensure each site applied the changes successfully.
Use this when onboarding new customers or when a developer requests temporary access to hardened paths.
Tip: Ensure autoshield_wp_hardening is set to ‘Off’ in the Settings page (if it’s currently on), or WP-AutoShield will automatically re-enable it during the next 6:10 AM run.
Command Line (CLI) Method
- SSH into the server.
- Enable the hardening profile:
cpfence --bulk-enable-wp-hardening - Disable it when troubleshooting:
cpfence --bulk-disable-wp-hardening
Remember to re-enable hardening once diagnostics are complete to keep uploads and includes protected.
Need Further Assistance?
Visit our Knowledgebase or contact our support team for help.
