Installing WordPress

Several years ago we took the decision to embrace the use of open source platforms, in particular WordPress, accepting that these were going to become the way forward. With the mass availability of themes at very little cost it takes a lot to shy away from them and revert to the use of basic HTML mark-up for a general day to day website.

WordPress is a state-of-the-art semantic personal publishing platform with a focus on aesthetics, web standards, and usability. WordPress is both free and priceless at the same time. More simply, WordPress is what you use when you want to work with your blogging software, not fight it.

As WordPress is open source software it is regularly updated and is free, which of course is great news, but with that comes the associated problem that hackers have easy access to the source code and this makes WordPress sites open to hacking on a regular basis.

As an example of the sheer level of the problem of attacks against WordPress websites, the ever so popular Wordfence plug in, as we wrote this blog post on the 12^th December 2019, reported that in the previous 30 days it had blocked an outstanding 3,389,940,569 attacks against WordPress websites and backlisted 68,398 Malicious IP addresses.

With this in mind, once you have installed WordPress, we would recommend that you read our Blog Post ‘WordPress Sites – Security and Essential Plugins’ and consider installing what we recommend as the absolute minimum requirement when installing and configuring your WordPress site in order to protect it as much as possible from future hacking attempts that it will inevitably receive.

Installing WordPress via CPanel Softaculous Apps Installer

If you have the facility to do so we would recommend that you set up an SSL Certificate on your hosting account before you commence the installation of WordPress.

This next bit of advice catches an awful lot of people out, please take heed now otherwise you may have to move you WordPress installation, if it is not moved correctly you may even have to start over again with a completely fresh installation, losing any work that you have already done. If you do have to move your WordPress installation please do read our Blog post WordPress Site Migration before attempting to move it.

When installing via the Softaculous Apps Installer, in the ‘Software Set Up’ area, where it says ‘Choose Installation URL’ remove the ‘wp’ from the ‘in Directory’ field so the field is left empty, this will then install WordPress into the root of your directory and your site will show as you expect when a user enters your direct URL only.

Database

The WordPress Database is the ‘brain’ for your entire WordPress site because every single piece of information is stored within it thus making it a hacker’s favourite target. Spammers/Hackers will try to perform SQL injection attacks on your site, you will make it easier for the hackers to perform a mass attack by retaining the default database prefix ‘wp_’.

Therefore, when setting up the database we would recommend that you do not use the standard database prefix of ‘wp_’ use something random like ‘gb_7’.

Username and Roles

The standard username for the Administrator with all the powers to change anything on your site is ‘admin’ never use this username or allow it to be registered as a user!

At the point of installation/set up use an administrator username that is very random and one that is not easy to guess by anyone. (i.e. not your name…) Only ever use this administrator account for the installation, set up and subsequent configuration of your WordPress site, never use it to make any posts or write any pages on your WordPress site.

Once your site is set up and configured set up another user account with roles/privileges as an Editor (Somebody who can publish and manage posts including the posts of other users) or an Author (Somebody who can publish and manage their own posts) We would suggest the role of Editor for the site owner/administrator to use on a daily basis and Author for other people you wish to have full access to make posts on your WordPress site – An Author cannot write or edit pages whilst an Editor can. You can read more about WordPress roles here.

When you have set up your users and their privileges, go back to edit the Users Profile, set within the Users ‘Nickname’ the name you would wish to be displayed publicly and then, using the drop down box, set the ‘Display name publicly as’ to the Nickname you had entered.

Whilst we are talking about Usernames, it may be a good idea for you to have a read through our article on Usernames and Passwords.

Cookie	Duration	Description
cf_logged_in	2 Years	This Cloudflare cookie (https://www.cloudflare.com) maximises network resources, manages traffic, and protects our site from potentially malicious traffic.
CF_VERIFIED_DEVICE	2 Years	This Cloudflare cookie (https://www.cloudflare.com) maximises network resources, manages traffic, and protects our site from potentially malicious traffic.
sparrow_id	2 Years	This Cloudflare cookie (https://www.cloudflare.com) maximises network resources, manages traffic, and protects our site from potentially malicious traffic.
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-functional	1 year	The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance".
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
_GRECAPTCHA	5 months	The cookie is set by the Google reCAPTCHA service and is set as a necessary cookie when executed for the purpose of providing its risk analysis, we use this service to assist in preventing spam by identifying if the user is an individual rather than a BOT when completing one of our online form(s).
CONSENT	23 months	The cookie is set by Google and is used to assist with the functionality of the Google reCAPTCHA service, we use this service to assist in preventing spam by identifying if the user is an individual rather than a BOT when completing one of our online form(s).
NID	5 months	The cookie is set by Google and is used to assist with the functionality of the Google reCAPTCHA service, we use this service to assist in preventing spam by identifying if the user is an individual rather than a BOT when completing one of our online form(s).

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_SF1MRV5YP7	2 years	This cookie is installed by Google Analytics.

Related Posts

Offices Open, We Are All Back to Work…

Happy New Year

Merry Christmas and a Happy New Year to all Our Clients and Colleagues