Skip to content


Accessible for the Community (paid), Developer and Business plan users.

On the Hardening > General page you can manage the settings such as:

  1. Disable the theme editor - This could protect you from potential automated attacks that involve the theme editor
  2. Remove readme.html from the WordPress root folder- This will attempt to stop basic readme.html scans
  3. Block readme.txt access
  4. Disable user enumeration - block hackers from getting your WordPress usernames
  5. Hide WordPress version - removes the WordPress version in the tag in the HTML output
  6. Block WordPress application password feature - Disables the application passwords feature introduced in WordPress 5.6
  7. Restrict XML-RPC Access - restricts access to xmlrpc.php by only allowing authenticated users to access it
  8. Restrict WP REST API Access - Restricts access to the WP Rest API by only allowing authenticated users to access it