When you log in to WordPress, you have the option to remain logged in long-term. To achieve this, WordPress stores your login data in cookies instead of in a PHP session. Malicious individuals can hijack your cookies through various means, leaving your website vulnerable.
To make it harder for attackers to use cookie data, you can take advantage of SALT keys. WordPress SALT keys encrypt your password, making it harder to guess. What’s more, it’s next to impossible for hackers to simply ‘unscramble’ the result in order to get at the original password.
Upload salt-shaker folder to the /wp-content/plugins/ directory.
Activate the plugin through the Plugins menu in WordPress.
Navigate to Tools > Salt Shaker menu to configure the plugin.
Screenshots
Plugin Settings.
FAQ
Nothing happens?
Make sure that wp-config.php file has the salt keys. If for any reason the keys aren’t there; you can always generate a set of keys from this link https://api.wordpress.org/secret-key/1.1/salt/ and add it to your wp-config.php file. Once that’s done, the plugin will be able to shake them based on your settings.
The plugin isn’t working or have a bug?
Post detailed information about the issue in the support forum and we will work to fix it.
Custom wp-config.php location?
You can use this filter to define the file location salt_shaker_salts_file. Example: In this example, the new location of the config file is in a folder that’s outside WordPress location in a folder called wpsecret. Make sure to replace it with your secret location 😉