Enhance WordPress security by setting recommended file permissions, securing .htaccess, and disabling sensitive endpoints.
| Author: | Deep Rahman (profile at wordpress.org) |
| WordPress version required: | 5.2 |
| WordPress version tested: | 6.8.3 |
| Plugin version: | 1.0.2 |
| Added to WordPress repository: | 19-03-2025 |
| Last updated: | 17-04-2025 |
| Rating, %: | 0 |
| Rated by: | 0 |
| Plugin URI: | https://deeprahman.com/wp-secure-setup |
| Total downloads: | 607 |
 Click to start download |
|
Securing Setup helps protect your WordPress installation by:
1. Allowing users to set recommended file permissions for directories and subdirectories.
2. Automatically modifying the .htaccess file to:
– Protect the debug.log file from being accessed via the web.
– Restrict execution of specific file types (e.g., .png, .jpg), ensuring only selected file types are processed by the web server.
3. Disabling sensitive WordPress endpoints such as:
– system.multicall from XML-RPC.
– The users endpoint in the REST API.
The plugin is user-friendly and includes an easy-to-access settings page.
You can view or contribute to the plugin’s source code on GitHub:
[GitHub Repository]https://github.com/deeprahman/sswp)
Features
- Set directory and subdirectory permissions for enhanced security.
- Automate
.htaccessfile modifications. - Disable potentially vulnerable endpoints.
- Tested with the latest version of WordPress.
Notes
After activation, the plugin adds a submenu named File Permission under the Tools menu, where you can configure settings.