WordPress powers over 43% of all websites, making it the #1 target for cyberattacks. From forceful login attempts to backdoor file injections, hackers constantly look for weak spots on unprotected WordPress sites.
But here’s the good news: you don’t need dozens of security plugins or deep technical knowledge to protect your site. If your web host supports Softaculous, you already have access to a built-in tool called WordPress Manager, and it gives you the power to lock down your site with a few clicks.
Why Use WordPress Manager Instead of Plugins?
Too many plugins slow down your website, and ironically, they can introduce new vulnerabilities if they’re outdated or poorly coded.
WordPress Manager by Softaculous provides a safer alternative by letting you:
- Apply critical security fixes directly from your control panel
- Understand each security measure before enabling it
- Revert changes instantly if needed
- Avoid plugin conflicts and bloat
Common WordPress Security Threats (That You Can Prevent)
|
Threat |
What Can Happen |
|
Weak admin usernames |
Brute-force attacks gain access to your dashboard |
|
Poor file permissions |
Hackers inject malicious code into your files |
|
Exposed XML-RPC |
Site can be used in DDoS attacks |
|
Editable theme/plugin files |
Hackers modify your code if your admin is compromised |
|
Open directory browsing |
Hackers view and steal sensitive data |
|
Public access to system files |
.htaccess, wp-config, and other files can be exploited |
All of these threats can be blocked in just a few clicks using WordPress Manager’s built-in security features.
How to Access WordPress Manager by Softaculous
There are two easy ways to access WordPress Manager:
OPTION 1:
STEP 1: Log in to your cPanel.
There are three methods to log into your cPanel.
- Method 1: Log in to your cPanel directly.
- Method 2: Log in to your cPanel through your Customer Portal.
Through your Customer Portal;
- Log in to your Customer Portal.
- Click on "Log in to cPanel".
- Method 3: Log in using the details sent to your Email.
Through your Email;
- When you purchase a hosting plan, your cPanel login details (including username, password, and cPanel URL) are automatically sent to your registered email address. Simply check your inbox (or spam folder), locate the email, and use the provided credentials to access your cPanel.
STEP 2: Navigate to the left-side, and click on WordPress Manager by Softaculous.
OPTION 2:
STEP 1: Log in to cPanel (Refer to the steps above if you need guidance on accessing your cPanel.)
STEP 2: Locate the Software section and click on Softaculous Apps Installer.
STEP 3: Click in Installation.
Alternatively, you can select the “All Installations” icon from the menu in the upper-right corner.
STEP 4: Click the WordPress icon next to the website you want to manage.
Here’s a preview of the options available in WordPress Manager:
- Change default “admin” username.
- Restrict access to files and directories.
- Block access to xmlrpc.php, .htaccess, and .htpasswd.
- Turn off pingbacks to prevent DDoS abuse.
- Disable file editing inside WordPress.
- Block author scans (used to expose login usernames).
- Disable directory browsing.
- Prevent PHP execution in vulnerable folders (wp-includes, uploads).
- Block access to sensitive system files.
- Enable bot protection (to block malicious traffic).
NOTE: If you’re unsure about a security setting or your site behaves oddly after applying one, you can easily revert any change from WordPress Manager. And if you ever need guidance, contact LyteHosting support, we’re available 24/7 and ready to help.
