WordPress powers over 40% of all websites \u2014 which makes it a prime target for hackers. If you\u2019re hosting with cPanel and using WordPress, security should be your top priority.<\/p>\n\n\n\n
At Hosting Marketers, we give you the tools (LiteSpeed, CloudLinux, CPGuard, Cloudflare) \u2014 but here\u2019s what you<\/strong> need to do inside your site to keep everything locked tight.<\/p>\n\n\n\n Older PHP versions are slow, vulnerable, and unsupported.<\/p>\n\n\n\n This file contains your database access and encryption keys.<\/p>\n\n\n\n Use cPanel File Manager or SSH. This setting allows only the file owner (you) to read it \u2014 nobody else.<\/p>\n\n\n\n If you\u2019re using Apache or LiteSpeed<\/strong>, your This is the most critical step. Over 70% of hacked WordPress sites were running outdated code.<\/p>\n\n\n\n Permissions that are too loose can allow attackers to upload or edit files.<\/p>\n\n\n\n Use File Manager or SSH to apply permissions.<\/p>\n<\/blockquote>\n\n\n\n With Hosting Marketers, you have CPGuard<\/strong> and ClamAV<\/strong> available via cPanel.<\/p>\n\n\n\n These headers add protection against XSS, clickjacking, and data leaks:<\/p>\n\n\n\n Even with Hosting Marketers’ secondary drive backups, it\u2019s smart to:<\/p>\n\n\n\n Hackers often exploit the Theme Editor<\/strong> to inject code.<\/p>\n\n\n\n Add this to We already protect your server with LiteSpeed<\/strong>, CloudLinux<\/strong>, CPGuard<\/strong>, and Cloudflare<\/strong> \u2014 but on your site, you can also install:<\/p>\n\n\n\n Only use one security plugin at a time to avoid conflicts.<\/p>\n<\/blockquote>\n\n\n\n Securing your WordPress site is not just about installing a plugin. It\u2019s about maintaining updates, locking down sensitive files, using correct permissions, and staying vigilant.<\/p>\n\n\n\n At Hosting Marketers, we\u2019ve already done the heavy lifting server-side. Now, make sure your WordPress is just as strong on the inside<\/strong>.<\/p>\n\n\n\n WordPress powers over 40% of all websites \u2014 which makes it a prime target for hackers. If you\u2019re hosting with cPanel and using WordPress, security should be your top priority. At Hosting Marketers, we give you the tools (LiteSpeed, CloudLinux, CPGuard, Cloudflare) \u2014 but here\u2019s what you need to do inside your site to keep […]<\/p>\n","protected":false},"author":1,"featured_media":1372,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[88,220],"tags":[223,225,222,228,226,227,229,212,221,224],"class_list":["post-1371","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-wordpress-security","tag-cpaneltips","tag-hostingmarketers","tag-htaccess","tag-malwarescanner","tag-phpupdate","tag-securewordpress","tag-webhostingtips","tag-websitesecurity","tag-wordpresssecurity","tag-wpconfig"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/hosting-marketers.com\/news\/wp-content\/uploads\/2025\/04\/ChatGPT-Image-Apr-15-2025-06_36_03-AM.png?fit=1536%2C1024&ssl=1","jetpack_shortlink":"https:\/\/wp.me\/p9Yxzd-m7","jetpack-related-posts":[{"id":429,"url":"https:\/\/hosting-marketers.com\/news\/2013\/12\/18\/time-zone-how-to-change-it-on-shared-cpanel-servers\/","url_meta":{"origin":1371,"position":0},"title":"Time Zone, how to change it on shared cpanel servers","author":"Admin","date":"December 18, 2013","format":false,"excerpt":"You cannot change it, not on a shared server, but it is possible to change it for your account by editing the PHP script or adding a line to the .htaccess file. You can change the time zone being displayed with a PHP script. (Unfortunately, I cannot tell you where\u2026","rel":"","context":"In "php time zones"","block_context":{"text":"php time zones","link":"https:\/\/hosting-marketers.com\/news\/category\/php-time-zones\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1367,"url":"https:\/\/hosting-marketers.com\/news\/2025\/04\/15\/12-essential-steps-to-secure-your-laravel-website-on-cpanel\/","url_meta":{"origin":1371,"position":1},"title":"12 Essential Steps to Secure Your Laravel Website on cPanel","author":"Admin","date":"April 15, 2025","format":false,"excerpt":"Laravel is a powerful and flexible PHP framework \u2014 but with that power comes responsibility. If you're running your Laravel application on a cPanel server, securing your environment is critical. At Hosting Marketers, we use LiteSpeed, CloudLinux, CPGuard, and Cloudflare, providing a robust foundation \u2014 but the app itself must\u2026","rel":"","context":"In "security"","block_context":{"text":"security","link":"https:\/\/hosting-marketers.com\/news\/category\/security\/"},"img":{"alt_text":"Laravel security is not optional \u2014 and at Hosting Marketers, we make sure you start with the best protection possible. By combining strong server-level firewalls with smart application-level hardening, your Laravel website can stay one step ahead of hackers.","src":"https:\/\/i0.wp.com\/hosting-marketers.com\/news\/wp-content\/uploads\/2025\/04\/ChatGPT-Image-Apr-15-2025-06_15_08-AM.png?fit=800%2C1200&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/hosting-marketers.com\/news\/wp-content\/uploads\/2025\/04\/ChatGPT-Image-Apr-15-2025-06_15_08-AM.png?fit=800%2C1200&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/hosting-marketers.com\/news\/wp-content\/uploads\/2025\/04\/ChatGPT-Image-Apr-15-2025-06_15_08-AM.png?fit=800%2C1200&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/hosting-marketers.com\/news\/wp-content\/uploads\/2025\/04\/ChatGPT-Image-Apr-15-2025-06_15_08-AM.png?fit=800%2C1200&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":518,"url":"https:\/\/hosting-marketers.com\/news\/2015\/04\/24\/cloudlinux\/","url_meta":{"origin":1371,"position":2},"title":"cloudlinux, php version selector and sites slowing down","author":"Admin","date":"April 24, 2015","format":false,"excerpt":"One of the software's we use on our servers is http:\/\/www.cloudlinux.com\/ this allows the customer to choose which version of PHP he wants on his account, this selection is done on the cpanel, it secures the site so if one site is hacked the server is not damaged and other\u2026","rel":"","context":"In "php version selector"","block_context":{"text":"php version selector","link":"https:\/\/hosting-marketers.com\/news\/category\/php-version-selector\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":51,"url":"https:\/\/hosting-marketers.com\/news\/2007\/07\/19\/using-mysql-in-a-hosting-environment\/","url_meta":{"origin":1371,"position":3},"title":"Using MySQL in a Hosting Environment","author":"Admin","date":"July 19, 2007","format":false,"excerpt":"Most of you know that MySQL is a database server that is heavy-duty.\u00c2\u00a0 It can be used with PHP and other assorted software languages and is a part of the family known as LAMP which stands for Linux, Apache, MySQL, and PHP. Hosting Marketers supports on its cpanel, MYSQL and\u2026","rel":"","context":"In "Hosting Marketers News"","block_context":{"text":"Hosting Marketers News","link":"https:\/\/hosting-marketers.com\/news\/category\/hosting-marketers-news\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1353,"url":"https:\/\/hosting-marketers.com\/news\/2025\/02\/24\/how-to-secure-your-wordpress-and-laravel-sites-on-a-hosting-marketers-shared-accounts\/","url_meta":{"origin":1371,"position":4},"title":"How to Secure Your WordPress and Laravel Sites on a Hosting Marketers Shared Accounts","author":"Admin","date":"February 24, 2025","format":false,"excerpt":"Website security is critical for protecting your data, preventing hacks, and ensuring your site runs smoothly. While your hosting provider has CSF Firewall to protect the server from external threats, securing your WordPress or Laravel site is your responsibility. Many hacks happen because of poor security practices\u2014such as outdated plugins,\u2026","rel":"","context":"In "security"","block_context":{"text":"security","link":"https:\/\/hosting-marketers.com\/news\/category\/security\/"},"img":{"alt_text":"How to Secure Your WordPress and Laravel Sites on a Hosting Server with CSF Firewall","src":"https:\/\/i0.wp.com\/hosting-marketers.com\/news\/wp-content\/uploads\/2025\/02\/security.jpg?fit=1024%2C1024&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/hosting-marketers.com\/news\/wp-content\/uploads\/2025\/02\/security.jpg?fit=1024%2C1024&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/hosting-marketers.com\/news\/wp-content\/uploads\/2025\/02\/security.jpg?fit=1024%2C1024&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/hosting-marketers.com\/news\/wp-content\/uploads\/2025\/02\/security.jpg?fit=1024%2C1024&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":138,"url":"https:\/\/hosting-marketers.com\/news\/2009\/11\/19\/register_globals-on-servers-with-suexec\/","url_meta":{"origin":1371,"position":5},"title":"register_globals on servers with SuExec","author":"Admin","date":"November 19, 2009","format":false,"excerpt":"First of all allowing register_globals on, on a server is real stupid, it is a security risk that no hosting company should accept, but sometimes for old scripts it is necessary to have it on, in this case should be enabled on the customer account on the .htaccess file or\u2026","rel":"","context":"In "Hosting Marketers News"","block_context":{"text":"Hosting Marketers News","link":"https:\/\/hosting-marketers.com\/news\/category\/hosting-marketers-news\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/hosting-marketers.com\/news\/wp-json\/wp\/v2\/posts\/1371","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hosting-marketers.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hosting-marketers.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hosting-marketers.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hosting-marketers.com\/news\/wp-json\/wp\/v2\/comments?post=1371"}],"version-history":[{"count":2,"href":"https:\/\/hosting-marketers.com\/news\/wp-json\/wp\/v2\/posts\/1371\/revisions"}],"predecessor-version":[{"id":1374,"href":"https:\/\/hosting-marketers.com\/news\/wp-json\/wp\/v2\/posts\/1371\/revisions\/1374"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hosting-marketers.com\/news\/wp-json\/wp\/v2\/media\/1372"}],"wp:attachment":[{"href":"https:\/\/hosting-marketers.com\/news\/wp-json\/wp\/v2\/media?parent=1371"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hosting-marketers.com\/news\/wp-json\/wp\/v2\/categories?post=1371"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hosting-marketers.com\/news\/wp-json\/wp\/v2\/tags?post=1371"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n\n\n\n1. Use a Secure PHP Version<\/h2>\n\n\n\n
Recommended:<\/h3>\n\n\n\n
\n
How to Check:<\/h3>\n\n\n\n
\n
\n\n\n\n2. Lock Down
wp-config.php<\/code><\/h2>\n\n\n\nFile Permission on File Manager<\/h3>\n\n\n\n
wp-config.php to 400\n<\/code><\/pre>\n\n\n\n
\n\n\n\n3. Harden
.htaccess<\/code> File<\/h2>\n\n\n\n.htaccess<\/code> file is your firewall.<\/p>\n\n\n\nAdd these rules:<\/h3>\n\n\n\n
# Block access to wp-config.php\n<Files wp-config.php>\n order allow,deny\n deny from all\n<\/Files>\n\n# Block access to .htaccess itself\n<Files .htaccess>\n order allow,deny\n deny from all\n<\/Files>\n\n# Prevent directory browsing\nOptions -Indexes\n\n# Protect uploads folder (except images)\n<Directory \/wp-content\/uploads\/>\n <FilesMatch \"\\.(php|php5|php7|php8)$\">\n Order deny,allow\n Deny from all\n <\/FilesMatch>\n<\/Directory>\n\n# Disable XML-RPC (unless you use Jetpack)\n<Files xmlrpc.php>\n Order allow,deny\n Deny from all\n<\/Files>\n<\/code><\/pre>\n\n\n\n
\n\n\n\n4. Keep WordPress Core, Themes, and Plugins Updated<\/h2>\n\n\n\n
Update Guide:<\/h3>\n\n\n\n
\n
\n\n\n\n5. Use Correct File Permissions<\/h2>\n\n\n\n
File\/Folder<\/th> Recommended Permission<\/th><\/tr><\/thead> wp-config.php<\/code><\/td>400<\/code><\/td><\/tr>All folders<\/td> 755<\/code><\/td><\/tr>All files<\/td> 644<\/code><\/td><\/tr>wp-content\/uploads<\/code><\/td>755<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n\n
\n\n\n\n6. Scan for Malware (Available via cPanel)<\/h2>\n\n\n\n
\n
\n\n\n\n7. Add Security Headers (Optional via .htaccess)<\/h2>\n\n\n\n
Header set X-Frame-Options \"DENY\"\nHeader set X-XSS-Protection \"1; mode=block\"\nHeader set X-Content-Type-Options \"nosniff\"\nHeader set Referrer-Policy \"no-referrer-when-downgrade\"\nHeader set Content-Security-Policy \"default-src 'self'\"\n<\/code><\/pre>\n\n\n\n
\n\n\n\n8. Backup Frequently (And Keep Copies Off-Site)<\/h2>\n\n\n\n
\n
\n\n\n\n9. Disable File Editing in WP Admin<\/h2>\n\n\n\n
wp-config.php<\/code>:<\/p>\n\n\n\ndefine('DISALLOW_FILE_EDIT', true);\n<\/code><\/pre>\n\n\n\n
\n\n\n\n10. Use a Security Plugin (Optional but Helpful)<\/h2>\n\n\n\n
\n
\n
\n\n\n\nFinal Tips from Hosting Marketers<\/h2>\n\n\n\n
\n
\/wp-login.php<\/code> to something custom (via plugin)<\/li>\n\n\n\n
\n\n\n\nConclusion<\/h2>\n\n\n\n
\n","protected":false},"excerpt":{"rendered":"