Yes, you will fall at the mid-ocean, trust me!
Well, most of the bloggers just maintain a simple blog so usually they donâ€™t need to worry. They just need to keep a regular backup. But if you are planning to run a business site in wordpress and if that site is your everything, never ever use one click installer to install wordpress! Youâ€™d be better off installing it manually which may take you a few minutes longer to install.
Here you can get an idea about manually installing wordpress:
If you want to install manually, download wordpress from here. Then you can upload this through ftp. You can use several ftp client such as â€“ filezilla, coreftp, fireftp (a firefox add-on) etc. You can know about uses of filezilla here.
Why you shouldnâ€™t?
- Big WordPress Security Risks
- Exporting and importing content with WordPressâ€™s built in export tools
- They use old scripts. Updated versions of WordPress or any script are not immediately released on those services. They install an outdated version of WordPress. Itâ€™s not a good start with outdated one.
- They bypasses almost all settings used for installing
- Sometimes it has issues while you want to upgrade.
- Suppose first created database is wpdb1 and the next one is wpdb2 and so on. Malicious hackers know this is how theyâ€™re created and it gives them more ammo.
- Created a file named fantversion.php (or something similar), which is common for all auto installers. This is a security risk if crackers know how to break into it.
- The auto created database name and the database username is same in most cases.
So what if you have already installed?
- First of all, keep a backup of whole site and the database.
- Download latest wordpress from WP rep. (see above for link)
- Delete wp_admin and wp_includes folder via ftp.
- Extract the zip and upload only wp_admin and wp_includes folder via ftp.
- Change (alter) the database name, db username and password.
- Put the changed db name, db username and db password in wp-config.php.
- Get new auth key, salt etc from https://api.wordpress.org/secret-key/1.1/salt
- Copy and replace the keys in wp-config.php
- Uninstall the plugins that come with default one-click installation
It should work.
WordPress is a 15min install when completely secured and optimized through htaccess. So itâ€™s your decision what will be your route. I just showed you some examples, if you do a little research over google you will get lots of ideas about it.
Hope you will enjoy!