How to Secure Your WordPress Sites with cPFence?

WordPress is a powerful platform, but it can become vulnerable if not properly secured. With cPFence, you can safeguard your WordPress installations against malware, unauthorized changes, and other security threats. This guide explains how to use cPFence’s WordPress Integrity Check and related tools to enhance the security of your sites.

WordPress Integrity Check

The WordPress Integrity Check feature in cPFence is designed to detect unauthorized changes, unexpected files, or checksum mismatches in WordPress core files. It ensures that your websites are protected against potential malicious activity.

Easy-to-Use CLI Commands

cPFence provides simple CLI commands to manage the WordPress Integrity Check feature. Here are the key commands:

  • Enable WordPress Integrity Check: Safeguard your WordPress sites by enabling this feature. (Recommended)
    cpfence --enable-integrity-check
  • Disable WordPress Integrity Check: Turn off the integrity check if not required.
    cpfence --disable-integrity-check
  • Enable Automatic File Quarantine: Automatically move unexpected files to quarantine for review.
    cpfence --enable-auto-file-action
  • Disable Automatic File Quarantine: Turn off automatic quarantine for detected files.
    cpfence --disable-auto-file-action
  • Set Integrity Check Frequency: Choose how often the integrity check runs. Options are daily or hourly.
    cpfence --set-check-frequency [daily|hourly]

Excluding Trusted Websites or Files

To fine-tune the Integrity Check, you can exclude specific websites or files:

  • Exclude Specific Websites:
    Add the paths of websites to be excluded in the file:
    /opt/cpfence/user-config/cpfowl/exclude_integrity_check_sites.txt
  • Exclude Specific Files:
    Add filenames to be excluded from detection or quarantine in the file:
    /opt/cpfence/user-config/cpfowl/exclude_integrity_check_files.txt

Example Configurations

  • Enable Integrity Check with automatic file quarantine and daily checks:
    
    cpfence --enable-integrity-check
    cpfence --enable-auto-file-action
    cpfence --set-check-frequency daily
    
  • Disable Integrity Check entirely:
    cpfence --disable-integrity-check

Best Practices for Securing WordPress

In addition to enabling the Integrity Check, follow these tips for optimal security:

  • Keep WordPress core, themes, and plugins up to date.
  • Use strong passwords and enable two-factor authentication (2FA).
  • Install a reputable WordPress security plugin, such as Wordfence, for extra protection.
  • Remove unused or outdated plugins and themes.
  • Regularly back up your website files and databases.

Need Further Assistance?

If you encounter any issues or need additional help, feel free to reach out to our support team via your client portal.

  • wordpress
  • 2 A felhasználók hasznosnak találták ezt
Hasznosnak találta ezt a választ?

Kapcsolódó cikkek

How to Perform and Export Wordpress Vulnerability Scans with cPFence?

cPFence provides powerful tools for identifying and analyzing Wordpress vulnerabilities. With the...

How to Generate a List of All WordPress Sites on Your Server?

cPFence provides an easy way to generate a comprehensive list of all WordPress sites on your...

How to Clean an Infected WordPress Site?

Has your WordPress site been infected, and cPFence reported malware or other issues? Don’t worry;...