Rock Solid Wordpress Security - Secure Web Development

Secure and protect your website from hackers and save time, resources and stress.
4.1 (60 ratings)
Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
3,088 students enrolled
Start Learning Now
  • Lectures 23
  • Length 1.5 hours
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works


Find online courses made by experts from around the world.


Take your courses with you and learn anywhere, anytime.


Learn and practice real-world skills and achieve your goals.

About This Course

Published 12/2014 English

Course Description

Save Time, Money, and Stress!

Find Out What Hackers Don't Want You to Know!

Rock Solid Wordpress Security is changing the security landscape for thousands of Wordpress sites! 

Updated: We are currently in the process of updating this course (February, 14, 2017).

Secure your Wordpress website today for free!


Secure your Wordpress website today!

Having a website is essential to your online identity. Chances are you chose to use Wordpress as a website platform due to its ease and flexibility. Along with the popularity of the Wordpress platform, as with anything else, come risks, security risks. Not everyone on the Internet has good intentions, not everyone wants to see you succeed, there are even a select few that take pride in tearing down what others have created.

Secure your Wordpress login and admin area!

Don't fall victim to those looking to destroy your site, and don't think for just a moment that just because you aren't some big name that everyone is playing nice. It is the age of the Internet, and Internet security for your website, especially your Wordpress login area, has never been more important.

Use the simple steps in this course to secure Wordpress!

There is good news! In just a few, simple steps I will show you how to secure your Wordpress installation so you never have to worry about hackers again. I am addressing Wordpress security with a no-costno-code approach so anyone can secure their site. You can rest easy knowing that your site will be there in the morning, just the way you left it, from this point forward.

Wordpress Security Best Practices

This course is regularly updated to reflect the Wordpress security best practices based on the most current Wordpress version and recent security threats.

What are the requirements?

  • Students should have a certain understanding of how Wordpress operates, but no technical skill is required, it will be covered within the course.

What am I going to get from this course?

  • Secure your Wordpress website using proven security methods.
  • Secure your Wordpress installation from hackers and malicious code.
  • Modify the permissions of key administrative folder and files so they cannot be accessed by just anybody.
  • Deny access to certain parts of their website.
  • Use built in server tools to further secure their website by changing common defaults.
  • Rest easy knowing your site is secure.

Who is the target audience?

  • Anyone who has a Wordpress website and is looking to secure their installation.
  • Wordpress users that are concerned or unsure if their site is protected.
  • Wordpress users that have been targeted by hackers and want full protection.
  • Anyone thinking about using Wordpress as a website platform that wants to start out the right way and be protected.

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.


Section 1: Welcome and Expectations!

This video describes exactly what you will learn by taking this course. What can you expect to have once it is completed? What new skills will you attain along the way? Listen to the short video to find out!


With well over a decade of Internet experience, I have seen my fair share of hacks and hack attempts. At one point, in 2010, one of my most popular websites was irreversibly hacked, that changed my entire outlook on website security.


Internet security is a true beast to tame, looking back at just 2014 you'll recall that some big names where in the news because they were hacked. Home Depot, Target, Xbox Live, and Sony were all hacked... the bottom line, nothing is ever 100% bullet-proof. In this course we'll do everything possible and reasonable to secure you Wordpress website.

Section 2: Understanding the Risks of a Default Wordpress Installation

In this video we will discuss some of the risks associated with maintaining a nearly default installation of Wordpress and the typical methods that hackers employ to compromise your site.

2 questions

Just a quick question about hacked sites.

1 page

Use this checklist to help you work through securing your Wordpress website(s).


There are a few common errors people make when installing Wordpress that leaves their site open to be hacked more easily, don't make these common mistakes. If you have, we will correct them in the upcoming videos


It is vitally important that you keep your site up to date. Updates are released for a variety of reason, one of which is security updates. When a security update is available it is important that you update all elements of your site including Wordpress itself, plugins, and theme files. With that said, it is recommended that you remove any unused plugins and themes.


When you are adding content to your site and decide to change your theme or add a plugin be sure to only add from trusted sources. Adding a plugin or a theme from an untrusted source can contain malicious code that will allow a hacker to gain entry to your site through a back door.

2 questions

Some assumptions we should not make.

Section 3: Securing Your Site - Close the Door!

It may simply be overstated in today's age, but a truly secure password is the first step at thwarting an attack. If an attacker is using a brute force method to try to gain access to your site, and you have yet to implement the other protections described in this course, your only line of defense is a solid password. Set that up now, then we'll move on to the rest. Here you will learn some secrets to creating a solid password.

1 page

Use this document as a reference for creating a rock solid password.

1 question

These rock solid passwords really rock!


In this video I will be installing Wordpress with just about every security vulnerability we discussed. Keep in mind this is only being done this way so we have an example to work with, DO NOT install Wordpress like this on your server. If there is one site on a shared host with vulnerabilities, it is bad news for the rest of the sites as well.


This is probably one of the most common errors among Wordpress users, you simply must avoid common login names such as the following for users with any level of control on your site:

  • admin
  • administrator
  • webmaster
  • your public email address
  • your.real.nickname

Instead, choose a relatively difficult to guess name, and then have Wordpress display your full name instead. Note that the full name field does not need to contain your real full name either.

If you've already made this mistake, we will go over how to change this site wide using phpMyAdmin.


Most hack attempts to your site will generally assume one thing - that your database prefix is wp_, which is the Wordpress default. A simple way to foil a large majority of hack attempts and cross site scripting attacks is to change this prefix setting. The best and easiest time to make this change is during the install, after the install it becomes a bit more complicated, but still reasonable. You'll need to change the setting in one file and in several places within the database, and we'll cover how to do both in this video.


A lot of the changes we make have the potential to impact your site in a very negative way if you make a mistake. For this reason, we will make sure we know how to make a current backup of your database and how to restore that database. Now, should anything unintended happen, we'll be able to simply restore your data. We will look at how to do this manually and through the use of a plugin. It is highly recommended that your first database backup be a manual backup made via phpMyAdmin.


While actually moving the default location of the admin folder would prove quite a burden, there are some 120+ references to these files within Wordpress. There are however a couple simpler and just as effective solutions. In this video we will look at how we can secure the admin login area more effectively using a couple excellent plugins which require additional fields and visually entered data.

2 questions

Just a couple questions for enquiring minds.

Section 4: Additional Options

Here we will discuss several options for using the .htaccess file(s) to protect or restrict access to vital files and folders on your website.

2 pages

This document will help you create or modify your .htaccess files.


Have you been looking at your traffic patterns and seeing a lot of 404 errors from the same IP addresses. Chances are these are bots searching for known vulnerable URLs and URL patterns so they can attack your site via SQL injection. In this video we will take a look at how to effectively eliminate this as a threat using the tools we already have!

1 page

A robots.txt files tells search engine crawlers like Google where they can and cannot index content for inclusion in their search results. You may think granting them full access will help your SEO efforts, but there are certain places you simply should not allow them access to, and not limiting their access is, as you may have guessed, a security threat.


In this video we take a closer look at the Wordfence plugin.


In this video we introduce and take a close look at the iThemes security plugin.


I'm constantly asked this question... Are premium security plugins worth the cost? Watch the video to find out my answer.


Your site should be fully secure now that you've reach this video. However, if you have a more complicated setup and need additional help, please post in the discussion area or send me a message. I try to respond to messages within 24 hours. Also, if you found this site to be of value consider leaving a review, or post a discussion thread with any comments to help make the course better! Finally, thank you so much for securing your site with me!

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Jason Rybka, Swift Developer, Web Developer, Internet Security Consultant

I've been developing web sites and programming since 1999, I know about a dozen different programming languages and I am an expert in Internet Security.

I am fluent in the following languages; Ajax, Applescript, HTML 5, CSS 3, PHP, Java, Javascript, jQuery, Python, Ruby, Objective-C, Swift, and XML.

Out of all the languages I know the newcomer Swift is one of my favorites. I began studying the language the day the documents where released to the world by Apple and I have yet to stop. In my courses I apply the concepts I've learned in a language that is clear and understandable to even non-programmers. I understand learning a new language sometimes has a high learning curve and I minimize this obstacle by adapting proven teaching methods and reinforcement messages to make sure my students fully understand the material.

In 2010 I fulfilled my dream and became a successful full time web designer and app developer creating my own small business XBSJASON TECH SERVICES. I spend my time developing web sites, creating Enterprise applications, making custom code solutions, and evaluating and advising on security thresholds for clients in the New Jersey, New York metro area.

I love being creative and solving problems, programming and web design allow for this passion quite nicely. I also love teaching, I think information and knowledge is power, and we should never stop learning new things.

Ready to start learning?
Start Learning Now