How To Update WordPress Security Keys and Salts

Alerts usually pop up on websites asking you to allow the usage of cookies while you are scrolling through website pages. We advise you to be mindful of this because cookies track the pages you are looking at within a website, for sales strategy purposes.  

Cookies can also be a security risk as it stores login information for websites. That’s why security keys (secret keys) and salts are made to encrypt the cookies to prevent hackers from getting sensitive information from it.  

Security keys and salts can be added to your WordPress website. Follow the instructions below on how to set it up.

1. Log in to cPanel or connect to FTP.
2. Click the File Manager button under Files category. Skip this step if you are using FTP.
   
   
   
    
3. Access your WordPress website files and right-click on wp-config.php file.
   
   
    
   TIP:
    

   • The main domain’s website files are in public_html folder
   • An addon domain’s website files are in the addon directory.
   • A subdomain’s website files are in the subdomain’s directory.
   
    
4. Click Edit.
   
   
   
    
5. Click Edit on the pop-up.
   
   
   
    
6. Replace the values in between the single quotes (‘) on the lines underlined in the screenshot.
   
   
   
   
   You can make up random characters or generate it from the WordPress Key Generator.
    

   TIP: Make the keys as long and as complicated as it can be so that it’s hard for someone to decrypt it. There’s no need to remember the keys after this process.

   
    
7. Click the Save Changes button.
   
   
   
   
   Updating of security keys and salts logs out all users in your WordPress website. You can repeat this process every time you feel someone is hacking your website.  

Please do not hesitate to contact our 24/7 Singapore or Australia Support Team if you have further questions.