Security
How Web60 protects your site and what you can do to stay secure.
How Web60 keeps your website secure
Learn how Web60 protects your website with SSL certificates, daily backups, firewalls, and regular monitoring.
3 min readSecurity scan - check and harden your website
Learn how to use the Security card in Advanced Settings to scan your WordPress site for common vulnerabilities and apply recommended hardening measures with one click.
3 min readUnderstanding your website security settings
Web60 protects your site with automatic security features. Here is what we handle and what you can do to keep your website safe.
4 min readHow to protect your site with advanced security settings
Learn how to use the Security card in Advanced Settings to scan, harden, and protect your WordPress site against common attacks.
3 min readWhat is XML-RPC and should I block it?
XML-RPC is an older WordPress feature that attackers often exploit. Learn what it does, whether you need it, and how to block it from your Web60 dashboard.
4 min readHow to password-protect your entire website
Learn how to add a browser-level password prompt to your entire website using Basic Auth in your Web60 dashboard.
4 min readHow to block specific IP addresses from your website
Learn how to block unwanted visitors by their IP address using the IP Block List in your Web60 admin panel.
4 min readWhy you cannot edit wp-config.php directly
Learn why Web60 protects the wp-config.php file and how to manage all the same settings safely through your dashboard.
3 min readRemove default WordPress files (readme.html and license.txt)
Learn why you should remove readme.html and license.txt from your WordPress site and how Web60 makes it easy.
3 min readHide your WordPress version number
Learn how to remove WordPress version numbers from your site's source code, RSS feeds, and asset URLs to reduce your attack surface.
3 min readDisable the WordPress file editor
Learn how disabling the built-in WordPress theme and plugin editor protects your site from accidental damage and attackers.
3 min readAdd security headers to your website
Learn what HTTP security headers are, which ones Web60 adds to your site, and how they protect your visitors.
4 min readBlock author enumeration on your WordPress site
Learn what author enumeration is, why attackers use it, and how to block it on your Web60 website.
3 min readSecurity features included with every Web60 website
An overview of the security measures Web60 provides to protect your website from threats.
4 min readWordPress login protection on Web60
How Web60 protects your WordPress login page from brute-force attacks and unauthorised access.
3 min readHow to set up two-factor authentication (2FA)
Protect your Web60 account with two-factor authentication using an authenticator app like Google Authenticator or Authy.
3 min readWhat to do if your website is hacked
Steps to take if you suspect your WordPress website has been compromised or infected with malware.
4 min readHow to use and regenerate 2FA recovery codes
Recovery codes let you sign in to your Web60 account if you lose access to your authenticator app. Learn how to store and regenerate them.
3 min readHow to check your login activity
See a history of every sign-in to your Web60 account, including the date, method, IP address, and browser used.
2 min read