.htaccess, wp-config.php and WP Meta Info Management in All In One WP Security & Firewall

Posted OnSep 29, 2014     CategoryPlugins, Users & Security     Comments1 comment

In this section of the guide to the All In One WP Security & Firewall plugin, we will take a look at General Settings, where you can manage the .htaccess file, wp-config.php file, WP Meta Info and Import/Export.

Step 1) Login to the WordPress Dashboard.

Step 2) On the left-hand sidebar of the Dashboard navigate to WP Security -> Settings.

km-wp-all-in-one-settings-01

This feature displays the first things that should be done to tighten security on your site.

The options for this feature are shown below.

  • General Settings

    A. WP Security Plugin It is recommended that you make a back-up copy of your .htaccess file, database and wp-config.php file before enabling any security features.
    B. Disable Security Features If you think that a plugin on your site is broken due to a security feature you enabled, then click the Disable All Security Features button to turn off the security features of this plugin.
    C. Disable All Firewall Rules Click the Disable All Firewall Rules button to disable all firewall rules currently active in this plugin. This will also delete these rules from the .htaccess file. Use this option if you think one of the firewall rules is causing an issue on your site.

    km-wp-all-in-one-settings-02a

  • .htaccess File

    The .htaccess file is a key component of your website’s security and it can be modified to implement various levels of protection. It is important to keep a back-up copy!

    A. Save the current .htaccess file Click the Backup .htaccess file button to make a back-up copy of the .htaccess file in case you need to use the original file in the future.
    B. Restore from a backed up .htaccess file Should the occasion arise where you need to restore the .htaccess file from back-up, click the Select Your .htaccess File button, browse to locate and select the appropriate file. Click the Restore .htaccess File button to complete the restoration process.
    C. View contents of the currently active .htaccess file This option displays the contents of your current .htaccess file in read-only mode.

    km-wp-all-in-one-settings-02b

  • wp-config.php File

    The wp-config.php file is one of the most important files in your WordPress installation. It is a primary configuration file and contains crucial things such as details of your database and other critical components. It is important to keep a back-up copy!

    A. Save the current wp-config.php file Click the Backup wp-config.php File button to make a back-up copy of the wp-config.php file in case you need to use the original file in the future.
    B. Restore from a backed up wp-config.php file Should the occasion arise where you need to restore the wp-config.php file from back-up, click the Select Your wp-config.php file button, browse to locate and select the appropriate file. Click the Restore wp-config.php File button to complete the restoration process.
    C. View contents of the currently active wp-config.php file This option displays the contents of your current wp-config.php file in read-only mode.

    km-wp-all-in-one-settings-02c

  • WP Meta Info

    The WordPress Generator automatically adds some meta information inside the head tags of every page on your site’s front end.

    For example:

    km-wp-all-in-one-settings-02d

    The above meta information shows which version of WordPress your site is currently running and thus can help hackers or crawlers see if you have an older version of WordPress or one with a known security issue.

    This feature will allow you to remove the this meta information from your site’s pages.

    Place a check mark in the Check this if you want to remove the meta info produced by the WP Generator from all pages check box.

    Click the Save Settings button.

    km-wp-all-in-one-settings-02e

  • Once the appropriate check box contains a check mark as outlined above and the Save Settings button has been clicked, your security points score should now be 5/5.

    km-wp-all-in-one-settings-02ee

  • Import/Export

    This section allows you to export or import your All In One WP Security & Firewall settings.

    This can be handy if you want to save time by applying the settings from one site to another site.

    Note: If a setting relies on the current domain URL then it may not work correctly when imported into a different domain. You many need to make adjustments to the file prior to importing.

    km-wp-all-in-one-settings-02f

The next step in the guide will focus on the User Accounts feature.

 


1 comment

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Send this to friend