WordPress is one of the easiest scripts that I have ever seen. When I first used it about 8 years back, it was pretty basic, yet one of the best content management solutions you could find. And then, the famous 5-minutes install was the talk on the web. But, the fact was that the 5-minutes did not account for the creation of the database and it was here that most people would get stuck.
Fast forward to now and you will find that WordPress has evolved from a blogging platform to a complete content management solution and yet they have retained the 5 minutes install that it was famous for when it started.
So if that headline got you thinking (assuming that you know the history of WordPress), then let me put it together once again for you. I am going to show you how to install a secured WordPress blog in 3 minutes and that would be without creating a database.
Now, you would be wondering as to what does, “without creating a database” mean?
To put it straight, what I am going to do is use the 1-click install options that comes with most Linux hosting services and install a WordPress Blog.
The biggest problem with such installations is the fact that they are not secured and prone to hacker attacks. This is primarily because of the fact that these installations have an insecure database name and associated username. These are predictable and can be easily hacked. It usually follows a specific pattern; specific to the hosting company and the fact that the database name and the username are the same add to the woes. What more can a hacker ask for?
It is hence that I am wary of installing a WordPress Blog using these 1-click installs.
But there is a way around it. It is by changing these credentials, which is pretty simple. And if you know how to do it, then using the 1-click install is the easiest way of installing a WordPress blog.
So, without further ado, let’s move on to see how to install a secured WordPress Blog in 3 minutes!
Install a Secured WordPress Blog in 3 Minutes
Let me first start with how to install the blog using the 1-click install. I use Bluehost for all my WordPress Blogs and I recommend them, if you don’t want to spend a lot of money. They are economical and extremely secure. Their support is unmatched and hence I recommend using them.
Bluehost uses the 1-click install option from Mojo Marketplace. They have some very economical, but amazing WordPress themes, plugins, graphics etc. and I am sure you will like the options you see there.
We start off by entering the 1-click install option. You can see it on your cpanel dashboard.
Once you click on the “Install WordPress” option, you are taken to the Mojo Marketplace dashboard from where you will find 2 options – install a fresh WordPress blog or, import an existing one. Don’t be mistaken with the import option. It is not to import a WordPress blog from a backup you have. Instead it is only to add a manually installed WordPress blog on your hosting, to the Mojo marketplace WordPress dashboard.
We start by clicking on “Install”.
On the Install page, we can select the domain that we want to install the blog on. If you want to install it in the parent directory of the domain, just leave the “directory” field blank. Else you can enter the name of the directory in the field.
On the next page, you should be able to see the login credentials to your WordPress Admin dashboard. You can copy them down and once you are okay to proceed, just click on “Install Now”. Don’t forget to check the box to agree that you have read the terms and conditions.
And that should install your WordPress blog.
Securing your WordPress Database
WordPress blogs are amongst the most hacked web properties. It is because of the single major reason that the WordPress script is Open source and that gives hackers an easy entry into understanding how the script works and find loopholes to hack it.
The WordPress guys keep updating the scripts regularly to take care off any security vulnerabilities and at the same time to add newer features. This takes care off some of the hacking menace.
While this could be one of the reasons for WordPress installations getting hacked, the biggest reason is insecure databases. Once hackers are able to enter the database of your WordPress install, then the rest is a cakewalk. Not only will this affect the single blog instead this will help the hackers get access to the rest of the blogs installed in the same server.
To some extent the security systems of the hosting service providers blocks a lot of these hacking attempts. But only to some extent. And we have seen that Bluehost has one of the most robust security systems that you would see in hosting service providers. You can get an unlimited hosting with Bluehost for only $3.95 per month. Click this link to secure your discount!
The 1-click WordPress installations that come with most hosting providers creates databases that are not secure and hence if you are using this option to install your WordPress blog (which is what we recommend if you don’t know how to create and setup a database), then you might want to ensure that you have secured your databases.
So we now move onto securing your database. You will first want to get into your MySQL Databases and locate the database for your WordPress Blog.
Once you are in your MySql database dashboard, you should see a database with a typical name ending in numbers and with a username which is the same as the database name. That is the database you are looking for. You can see that in the below screenshot.
Click on the “rename” and you will see a pop-up where you can enter the new name for the database. Remember to keep a note of the new name for the database. The name will be in the form of a prefix_suffix. You will get an option of changing the suffix and that is what you need to note down. The prefix remains the same for all databases in your account.
We can now move onto changing the username. When you scroll a little further down, you will find a list of users associated with your databases. You should find a username that is similar to the database name that we just changed. This is the one we are looking for. Click on the “rename” link and you should be able to change the username. Again, note that you can only change the suffix in this case as well. The prefix remains the same for all usernames in your account.
The 2 steps above will change the name of the database and the username for the database. And since we have created a secure name for these, we have taken care off the hacking menace.
But, now you will have to change these credentials in the configuration files in your WordPress blog. It is this configuration file that helps the scripts to communicate with the databases. You will find this in the wp-config file in your file manager.
Click over to the file manager using the option as shown in the screenshot below:
You should see a pop-up asking you to select the directory that you want to open. Select the option “Document Root for” and then the domain name, as in the below screenshot.
That should open the file manager and you should see a list of files and folders in it. Once you are in, you need to select the “wp-config” file and then click on “Code editor” in the top menu as in the image below.
Okay! So we are into the final step in installing a secured WordPress Blog in 3 minutes.
You would see a pop-up. Just click on “Edit” and you should see a new window opening with a lot of code in it. If you are not code-savvy, which is what I am assuming, else you would not have been reading this post, it would look like alien language for you. But don’t worry. It is pretty simple.
Just find the part where you see “define(‘DB_NAME’ ” (without the double quotes). This is the name of the database. You can edit it by replacing the information with the single quotes with the new database name you had created a little while back. Just beneath this you would find the username as well after “define(‘DB_USER’ ” (without the double quotes) and change the information with the username you created above. You can see these in the images below.
After you have finished editing the file, save it and close it. You should see the save button on the top right corner of your screen.
In order to check if your blog is functioning right, just open the url in your browser and if your homepage loads, then we have successfully setup our secured WordPress Blog.
For the detailed step-by-step guide, you can see the below video where you show you the above steps in detail and time it to show you that we can do it in about 3 minutes flat. It is that simple.
I hope you enjoyed this video and the post. If you liked it don’t forget to share it with your friends by clicking one of the share buttons below. You can subscribe to my channel for more informative videos.
We use Bluehost for most of our hosting needs because they are one of the most secure hosting providers. You can get an unlimited shared hosting plan to host unlimited domains for as low as $3.95/month. Use this link to secure your discounted price.