The WordPress is not flexible at all when it come to media upload location. The default path is a standard format which appear like this, for any attachments (images, archives etc): <img class="alignnone size-full" src="http://domain.com/wp-content/uploads/2016/11/106658.jpg" alt="" width="640" height="390" alt="" /> Viewing such a link, it’s pretty obliviously it’s a WordPress site, and the link points […]

This feature helps to control different aspects regarding the comments area of a post/custom post type. New wp-comments-post.php As default the form data is being sent and processed at: https://-domain-name-/wp-comments-post.php This makes it easy to recognise as WordPress form. Boots always search for such file ( wp-comments-post.php ) and automatically submit spam messages. Though this […]

An author URL display all posts associated to a particular author. This feature help to change the default /author/ endpoint to something customized. The /author/ slug is common to WordPress, is an easy way for a hacker boot to attempt and identify the site as using WordPress. As default the author url format is: https://-domain-name-/author/author-name/ […]

The /search/ is the default slug used to display the results for the search page. This feature help to change the default /search/ endpoint to something customized. As default the search url format is: https://-domain-name-/search/search-word/ By using the option “find” the default url becomes: https://-domain-name-/find/search-word/ Block default search url After changing the default author, the […]

The WordPress REST API is an easy-to-use set of HTTP endpoints which allows access a site data in simple JSON format. That including users, posts, taxonomies and more. Retrieving or updating is as simple as sending a HTTP request. A REST API can be consumed everywhere. On mobile applications, on front-end (web apps) or any […]

This functionality is available for PRO version. The Registration module controls the URL for the registration process and the activation URL on a MultiSite. New register-me.php As default, the register-me.php is being used for the registration process, This is the place where users can register a site or / and a ursername. This functionality provides […]

Any WordPress instance include specific files located within root install directory. You may think this is not a big deal as any site contain such file. The problem is they use a format which makes your WordPress easy traceable:

As default the WordPress url’s format include an ending slash. There are situations when this slash is not being append. Turning on this option, all links will get a slash if not included as default. This is also useful when someone try to view a directory content. On majority of servers, when try to open […]

Using the WordPress as CMS to manage your website it turns into a magnet for all brute force attempts to login, from boots and hackers. On CODEX there’s a dedicated page for such topic Brute Force Attacks it’s a very sensible area of your website and should get the appropriate attention from everyone. There are […]