> Edit files
> File Manager or FTP
Install WordPress either manually or using the application installer that is bundled with the Control Panel.
Create a sub-directory to install WordPress into and then follow the instructions here:
When selecting the installation options refer to the video.
INSTALLATION USING APPLICATION INSTALLER
Follow instructions in this Guide.
In directory ( Installation directory )
We will be changing the default installation directory ‘wp’.
Many people just remove the default ‘wp’ directory and leave this option blank to install in the root of the domain.
We will create out own custom sub-directory and install WordPress there. Later we will make changes so that WordPress appears to be installed in the domain root.
In this guide I changed it to ‘secret’ – not recommended – just what I used for this demonstration.
Table prefix ( Database Table prefix )
Most people leave the default prefix of ‘wp-‘
We will be changing this to something else. I have again used ‘secret’ changing the prefix to ‘secret-‘
Admin Username ( administration login account name )
Most people leave this set to the default ‘admin’
You need to change it to something that is not related to you or the website. Again for this demonstration I have used ‘secret’
I have generated a 16 character random password using a combination of letters, numbers and special characters.
WordPress reports on the strength of your password when you enter it. You should aim for a score of 100/100
Go ahead and complete the WordPress installation.
We now have a new installation of WordPress in the sub-directory.
Now we want to make WordPress appear to be installed in the root of the domain.
Log in to WordPress and go to SETTINGS | GENERAL
Site Address ( URL )
Edit this field removing the sub-directory
Go to SETTINGS | PERMLINKS
Change to your preferred settings.
Next use File Manager or an FTP client and connect to the site.
Navigate to the new sub-directory and copy the index.php into the root domain.
Edit index.php and edit the last line which points to where to load WordPress. Edit the page adding the sub-directory.
SUMMARY OF SECURITY MEASURES IMPLEMENTED
- Installed WordPress into a custom hidden sub-directory
- Changed prefix on WordPress tables
- Changed default admin account name
- Implemented a strong password for admin account
We have also moved the WordPress file system to a location where it would not normally be located. This improves security by changing the location of sensitive system files from the default.
It is also a much cleaner way of organising the file system.